2 PDF

Fraud Prevention, Detection & Audit
Course # 3043, 16 CPE Credits

Course CPE Information

Course Expiration Date
AICPA and NASBA Standards require all Self-Study courses to be completed and the final exam
submitted within 1 year from the date of purchase as shown on your invoice. No extensions
are allowed under AICPA/NASBA rules. On rare occasion, in response to customer feedback,
Western CPE deems it necessary to change one or more of the final exam questions. Thank you
for choosing Western CPE for your continuing professional education needs.
Field of Study
Auditing. Some state boards may count credits under different categories—check with your state
board for more information.
Course Level
Basic.
Prerequisites
There are no prerequisites.
Advanced Preparation
None.
Course Description
Auditors, more than any other group, are charged with detecting and preventing fraud within
businesses and nonprofits. The first part of the course provides an overview of fraud, profiles
perpetrators of fraud, and sheds light on what motivates people to commit fraud and how they
rationalize it. The latter half discusses fraud from an auditing point of view, risk factors for
fraud, how an auditor can detect fraud, how to investigate fraud, and how to implement SAS No.
99 to improve audit performance and increase the likelihood of detecting fraud. Useful,
illustrative examples are provided throughout.
Publication/Revision Date
This course was last updated September 2009.
© Copyright 2007 Marshall B. Romney
i
Instructional Design
Western CPE Self-Study courses are organized so as to lead you through a learning process
using instructional methods that will help you achieve the stated learning objectives. You will be
informed of the knowledge, skills, or abilities you will learn within each chapter of the course
(clearly defined learning objectives); you will learn the material (course content and instructional
methods); your learning will be reinforced (review questions); and your completion of meeting
the learning objectives will be measured (final exam questions). These and additional
instructional elements are listed and explained below. Please review this information completely
to familiarize yourself with all instructional features and to help ensure you will achieve all
course learning objectives.

The preceding section, “Course CPE Information,” details important information regarding CPE.
If you skipped over that section, please go back and review the information now to ensure you
are prepared to complete this course successfully.
Table of Contents
The table of contents allows you to quickly navigate to specific sections of the course.
Chapter Learning Objectives and Content

Chapter learning objectives clearly define the knowledge, skills, or abilities you will gain by
completing each section of the course. Throughout the course content, you will find various
instructional methods to help you achieve the learning objectives, such as examples, case studies,
charts, diagrams, and explanations. Please pay special attention to these instructional methods as
they will help you achieve the stated learning objectives.
Review Questions
The review questions accompanying each chapter are designed to assist you in achieving the
learning objectives stated at the beginning of each chapter. The review section is not graded; do
not submit it in place of your final exam. While completing the review questions, it may be
helpful to study any unfamiliar terms in the glossary in addition to chapter course content. After
completing the review questions for each chapter, proceed to the review question answers and
rationales.
Review Question Answers and Rationales

Review question answer choices are accompanied by unique, logical reasoning (rationales) as to
why an answer is correct or incorrect. Evaluative feedback to incorrect responses and
reinforcement feedback to correct responses are both provided.
Glossary
The glossary defines key terms. Please review the definition of any words of which you are not
familiar.
ii
Index
The index allows you to quickly locate key terms or concepts as you progress through the
instructional material.
Final Exam
Final exams measure (1) the extent to which the learning objectives have been met and (2) that
you have gained the knowledge, skills, or abilities clearly defined by the learning objectives for
each section of the course. Unless otherwise noted, you are required to earn a minimum score of
70% to pass a course. You are allowed up to three attempts to pass the final exam. If you do not
pass on your first attempt, please review the learning objectives, instructional materials, and
review questions and answers before attempting to retake the final exam to ensure all learning
objectives have been successfully completed.
Evaluation
Upon successful completion of your online exam, we ask that you complete an online course
evaluation. Your feedback is a vital component in our future course development. Thank you.
Western CPE Self-Study

243 Pegasus Drive
Bozeman, MT 59718
Phone: (800) 243-7395
Fax: (206) 774-1285
E-mail: selfstudy@westerncpe.com
Web site: www.westerncpe.com
Notice: This publication is designed to provide accurate information in regard to the subject matter covered. It is
sold with the understanding that neither the author, the publisher, nor any other individual involved in its distribution
is engaged in rendering legal, accounting, or other professional advice and assumes no liability in connection with
its use. Because regulations, laws, and other professional guidance are constantly changing, a professional should be
consulted should you require legal or other expert advice. Information is current at the time of printing.
iii
Table of Contents
Table of Contents
Course CPE Information .............................................................................................................. i

Instructional Design...................................................................................................................... ii
Table of Contents ......................................................................................................................... iv
Chapter 1 – Introduction to Fraud.............................................................................................. 1
Learning Objectives..................................................................................................................... 1
Definition of Fraud ...................................................................................................................... 2
The Nature and Elements of Fraud.............................................................................................. 4
Types of Fraud............................................................................................................................. 5
Employee Fraud ....................................................................................................................... 6
Fraudulent Financial Reporting................................................................................................ 7
External Fraud .......................................................................................................................... 8
Investment Fraud ....................................................................................................................... 10
“Red flags” Indicating an Investment Scam .......................................................................... 11
Summary.................................................................................................................................... 11
Charles Ponzi Case .................................................................................................................... 12
Chapter 1 Review Questions ..................................................................................................... 16
Chapter 1 Review Question Answers and Rationales ............................................................... 18
Chapter 2 – Who Commits Fraud and Why ............................................................................ 21
Learning Objectives................................................................................................................... 21
Profile of the Fraud Perpetrator ................................................................................................. 21
Social Forces Contributing to Fraud.......................................................................................... 23
Ostracism of the Whistle-Blower........................................................................................... 24
Failure to Report Fraud .......................................................................................................... 24
Failure of Businesses to Prosecute Fraud Perpetrators .......................................................... 24
Failure of Law-Enforcement Officials to Prosecute Fraud Perpetrators................................ 24
Light Sentences for Perpetrators ............................................................................................ 25
The Fraud Triangle .................................................................................................................... 26
Pressures................................................................................................................................. 27
Opportunities.......................................................................................................................... 28
Rationalizations...................................................................................................................... 30
Interaction of the Fraud-Triangle Elements ........................................................................... 31
Fraud Prevention Program......................................................................................................... 32
Identify Fraud Risk Factors.................................................................................................... 34
Identify Fraud Prevention Techniques ................................................................................... 34
The Unforgiving Casino Case ................................................................................................... 35
iv
Table of Contents

Chapter 3 – Fraud Prevention: Pressures and Rationalizations ............................................ 45
Employee Financial Pressures ................................................................................................... 45
Bad Investments or Heavy Financial Losses.......................................................................... 45
Excessive Lifestyle or Living Beyond One’s Means ............................................................. 45
Inadequate Compensation ...................................................................................................... 46
High Personal Debt ................................................................................................................ 46
Greed ...................................................................................................................................... 47
Desire to avoid paying taxes .................................................................................................. 47
Pride and Ambition ................................................................................................................ 48
A Need For Power or Control ................................................................................................ 48
Inability to Tolerate Delay or Frustration .............................................................................. 48
Insatiable Intellectual Challenge ............................................................................................ 48
Management Financial Pressures .............................................................................................. 48
Economic Cycles, Inflation, and Recession ........................................................................... 48
Impending Business Failures ................................................................................................. 49
Urgent Need For Earnings...................................................................................................... 49
Unfavorable Economic Conditions ........................................................................................ 49
Unrealistic Goals, Financial Targets, or Expectations Set By Management ......................... 50
There Are a Number of Other Important Company Pressures:.............................................. 50
Many Other “Red Flags” Appear Due to Management-Related Pressures............................ 50
Work-Related Pressures ............................................................................................................ 51
Severe Resentment ................................................................................................................. 51
Threat of Job Loss .................................................................................................................. 52
Overaggressive Compensation Plans ..................................................................................... 53
Low Employee Morale and Loyalty....................................................................................... 53
Lifestyle Pressures..................................................................................................................... 53
Gambling................................................................................................................................ 53
Drug or Alcohol Addiction .................................................................................................... 54
Sexual Relationships .............................................................................................................. 54
Family or Peer Pressure.......................................................................................................... 54
Beating the System................................................................................................................. 54
Rationalizations ......................................................................................................................... 55
Minimizing and Detecting Situational Pressures....................................................................... 56
Prevention Techniques ........................................................................................................... 56
Create a Proper Corporate Climate ........................................................................................ 56
Establish Employee Assistance Programs.............................................................................. 57
Regularly Evaluate Employee Performance .......................................................................... 57
Take Special Care With Certain Employees .......................................................................... 57
Monitor Employee Situational Pressures ............................................................................... 57
Minimize Company Pressures................................................................................................ 58
v
Table of Contents
Monitor Corporate Pressures.................................................................................................. 58

Maximizing Employee Integrity, Minimizing Rationalizations................................................ 59
Select Honest Employees ....................................................................................................... 59
Create a Culture of Honesty ................................................................................................... 60
Clearly Label Honest and Dishonest Actions ........................................................................ 60
Teach and Reward Honesty.................................................................................................... 60
Investigate and Prosecute Dishonesty .................................................................................... 61
Develop Proper Dismissal Practices ...................................................................................... 61
Properly Manage Disgruntled Employees.............................................................................. 61
Properly Train Employees...................................................................................................... 62
Case Study: Portrait of a White-Collar Criminal....................................................................... 62
Chapter 4 – Fraud Prevention: Opportunities......................................................................... 71
Opportunities that Allow Fraud................................................................................................. 71
Internal Control -- Risk Factors and Prevention Techniques .................................................... 71
Risk Factors............................................................................................................................ 71
Risk Factor: Insufficient Separation of Duties....................................................................... 72
Safeguarding Assets -- Risk Factors and Prevention Techniques ............................................. 74
Risk Factor: Inadequate Safeguarding of Assets.................................................................... 74
Prevention Technique............................................................................................................. 74
Processing of Transactions -- Risk Factors and Prevention Techniques................................... 74
Risk Factor: No Independent Checks on Performance .......................................................... 75
Risk Factor: Inadequate Record Keeping............................................................................... 75
Supervision -- Risk Factors and Prevention Techniques........................................................... 75
Risk Factor: Inadequate Supervision...................................................................................... 75
Organizational Structure -- Risk Factors and Prevention Techniques ...................................... 76
Risk Factor: Complex Business Structure.............................................................................. 76
Accounting Practices -- Risk Factors and Prevention Techniques............................................ 76
Risk Factor: Inadequate or Questionable Accounting Practices ............................................ 77
Risk Factor: Authority Figures Who Cannot Be Questioned................................................. 77
vi
Table of Contents
Risk Factor: Management’s Disregard for Guidelines, Controls, or Regulatory Authorities 78

Risk Factor: Employees with a Criminal or Questionable Background ................................ 79
Risk Factor: Related-Party Transactions................................................................................ 80
Risk Factor: Mutually Beneficial Personal Relationships with Customers or Suppliers....... 80
Risk Factor: Operating In a Crisis or Rush Mode.................................................................. 81
General or Administrative ......................................................................................................... 82
Risk Factor: Lack of an Effective Internal-Auditing Staff..................................................... 82
Risk Factor: No Internal Security System.............................................................................. 82
Risk Factor: Assets Highly Susceptible to Misappropriation ................................................ 82
Risk Factor: Unclear Policies and Procedures ....................................................................... 83
Risk Factor: Placing Too Much Trust in Employees ............................................................. 83
Risk Factor: No Policy of Mandatory Vacations during Which Someone Else Performs
Duties ..................................................................................................................................... 84
Risk Factor: Lengthy Tenure in a Key Job ............................................................................ 85
Risk Factor: Lack of Support for Company Values............................................................... 85
Risk Factor: No Audit Trails.................................................................................................. 86
Risk Factor: Managerial Carelessness or Inattention to Technical Details............................ 86
Risk Factor: No Effective Oversight By Board of Directors ................................................. 86
Risk Factor: Inadequate Training........................................................................................... 86
Risk Factor: Inaction .............................................................................................................. 86
Chapter 5 – Fraud Detection ..................................................................................................... 94
Company Vulnerabilities........................................................................................................... 94
vii
Table of Contents
Four Areas of Vulnerability....................................................................................................... 94

1. Receipt of Goods or Cash.................................................................................................. 94
2. Purchasing, Disbursement of Cash, and Shipment of Goods............................................ 94
3. Misappropriation of Company Assets............................................................................... 95
4. Fraudulent Reporting of Company Results....................................................................... 95
Use of Specialists....................................................................................................................... 95
Computer-Security Officers ...................................................................................................... 95
Forensic Accountants ................................................................................................................ 96
Fraud Symptoms........................................................................................................................ 96
Accounting Symptoms .............................................................................................................. 97
Altered, Forged, or Unusual Documents................................................................................ 97
Large, Unusual, or Complex Transactions at Year-End ........................................................ 98
Numerous Adjusting Entries at Year-End.............................................................................. 98
Unusual Journal Entries ......................................................................................................... 98
Ledger Problems .................................................................................................................... 99
Selecting or Changing to More Liberal Accounting Practices............................................... 99
"Going-Concern" or Adverse Opinions ................................................................................. 99
Premature Recognition of Revenue...................................................................................... 100
Current Expenses Moved to a Later Period ......................................................................... 100
Analytical Symptoms .............................................................................................................. 100
Financial-Statement Review ................................................................................................ 101
Vertical and Horizontal Analyses ........................................................................................ 101
Analysis of the Cash-Flow Statement .................................................................................. 104
Ratio and Trend Analysis Symptoms................................................................................... 106
Unusual Relationships.......................................................................................................... 106
Behavior Symptoms ................................................................................................................ 111
Altered Behavior .................................................................................................................. 112
Unexplained Behavior Changes ........................................................................................... 112
Management Pressures......................................................................................................... 112
Tip and Complaint Symptoms................................................................................................. 113
Hotlines ................................................................................................................................ 114
Whistle-Blowing .................................................................................................................. 114
Organizational Structure Symptoms........................................................................................ 115
Overly Complex Organizational Structure........................................................................... 115
Outsider/Related-Party Symptoms .......................................................................................... 115
Internal-Control Symptoms ..................................................................................................... 117
Lifestyle Symptoms................................................................................................................. 119
Environmental Symptoms ....................................................................................................... 120
Chapter 5 Review Questions ................................................................................................... 122
Chapter 5 Review Question Answers and Rationales ............................................................. 125
viii
Table of Contents
Chapter 6 – Fraud Investigation and Audit ........................................................................... 130

Learning Objectives................................................................................................................. 130
The Fraud Investigation Process.............................................................................................. 130
Four-Step Investigation Strategy ............................................................................................. 131
Step One -- Problem Recognition and Definition ................................................................ 131
Step Two -- Evidence Collection ......................................................................................... 131
Step Three -- Evidence Evaluation....................................................................................... 134
Step Four -- Report Findings................................................................................................ 134
Characteristics of a Fraud Report ............................................................................................ 134
Fraud Examination Theory...................................................................................................... 134
Evidence .................................................................................................................................. 136
Document Evidence ............................................................................................................. 137
Rules for Gathering and Handling Documentary Evidence................................................. 137
Obtaining Documentary Evidence ....................................................................................... 138
Validating Documentary Evidence ...................................................................................... 138
Types of Document Analysis ............................................................................................... 138
Finding Documentary Evidence........................................................................................... 139
Public Records...................................................................................................................... 140
Public Databases .................................................................................................................. 141
Credit Records...................................................................................................................... 141
Federal Government............................................................................................................. 141
State Government................................................................................................................. 142
City and County Records ..................................................................................................... 143
Net Worth............................................................................................................................. 144
Asset Method........................................................................................................................ 144
Expenditure Method............................................................................................................. 144
Net-Worth Calculation and Formula.................................................................................... 144
Vertical and Horizontal Analysis ......................................................................................... 147
People Evidence ................................................................................................................... 147
Hotlines and Informants ....................................................................................................... 147
Interviews ............................................................................................................................. 148
Types of Interviewees .......................................................................................................... 148
Interview Phases................................................................................................................... 148
Interview Guidelines ............................................................................................................ 148
Stages of Those Affected by Fraud ...................................................................................... 149
Interrogation ......................................................................................................................... 150
Personal-Observance Evidence ............................................................................................ 152
Surveillance.......................................................................................................................... 152
Undercover Operations ........................................................................................................ 153
Searches................................................................................................................................ 153
Invigilation ........................................................................................................................... 153
Physical Evidence ................................................................................................................ 154
Case Study ............................................................................................................................... 154
ix
Table of Contents
Directions: ............................................................................................................................ 154

The Facts: ............................................................................................................................. 154
Case Questions: .................................................................................................................... 155
Suggested Solutions -- Case Study....................................................................................... 156
The Sarbanes-Oxley Act of 2002 ............................................................................................ 157
How the Sarbanes-Oxley Act of 2002 Impacts the Accounting Profession ........................ 157
Public Company Accounting Oversight Board.................................................................... 157
New Roles for Audit Committees and Auditors .................................................................. 158
Criminal Penalties ................................................................................................................ 159
Financial Reporting and Auditing Process Additions .......................................................... 159
Business and Industry CPAs ................................................................................................ 160
Recent Accounting Scandals ................................................................................................... 160
The Collapse of Enron Corporation ..................................................................................... 160
The Rise and Fall of WorldCom .......................................................................................... 166
The Secrets of Adelphia ....................................................................................................... 172
Chapter 7 – Review of Statement on Auditing Standards No. 99 ........................................ 193
Learning Objectives................................................................................................................. 193
Brief Overview of SAS No. 99................................................................................................ 194
Discussion Regarding the Risks of Material Misstatement Due to Fraud............................... 194
Obtaining the Information Needed to Identify Fraud.............................................................. 195
Make Inquiries of Management and Others within the Entity About Fraud........................ 196
Consider the Results of the Analytical Procedures Performed While Planning the Audit .. 198
Consider Fraud Risk Factors ................................................................................................ 198
Consider Other Information That May Be Helpful in Identifying Risks ............................. 198
Identifying Risks That May Result in a Fraudulent Material Misstatement ........................... 199
Assessing the Identified Risks................................................................................................. 200
Responding to the Results of the Assessment ......................................................................... 200
Overall Responses to Identified Risks ................................................................................. 201
Responses to Identified Risks Involving the Nature, Timing, and Extent of Procedures to Be
Performed ............................................................................................................................. 202
Example Responses to Specific Fraudulent-Financial-Statement Risks.............................. 203
Example Responses to Fraud Risks Related to Misappropriation of Assets........................ 205
Responses to the Risk of Management Override of Controls .............................................. 206
Examining Journal Entries and Other Adjustments ............................................................. 207
Evaluating the Business Rationale for Significant Unusual Transactions ........................... 208
Evaluating Audit-Test Results................................................................................................. 208
Assessing Fraud Risk Throughout the Audit ....................................................................... 208
Evaluating Whether Analytical Procedures Indicate a Previously Unrecognized Fraud Risk
.............................................................................................................................................. 209
x
Table of Contents
Evaluating Fraud Risk At or Near the Completion of the Audit.......................................... 211

Responding to Misstatements That May be the Result of Fraud ......................................... 211
Before Withdrawing, the Auditor Should Consider Consulting with Legal Counsel.......... 212
Communicating with Management, the Audit Committee, and Others .................................. 212
Documenting the Auditor's Consideration of Fraud................................................................ 213
Glossary ..................................................................................................................................... 222
Index........................................................................................................................................... 227
xi
Chapter 1: Introduction to Fraud
Chapter 1 – Introduction to Fraud

Learning Objectives
After completing this section of the course, you should be able to:
1. List the basic elements of fraud and explain how the various types of fraud are carried
out.
2. Cite examples of fraudulent practices.
It is rare for a week to go by without the national or local press reporting another fraud. These
frauds range from an employee defrauding a local company out of a small sum of money to a
multimillion-dollar fraud that captures the attention of the nation.
Auditors are in a unique situation with respect to fraud. The public looks to them, more than any
other group, to prevent and detect fraud. And you can be sure that when it occurs in a company
with audited financial statements, the auditor will probably be sued by somebody. Therefore, it
behooves auditors to understand fraud.
The economic losses to fraudulent activity each year are staggering. The Association of
Certified Fraud Examiners estimates that fraud costs the United States $660 billion dollars a
year. That compares to its estimate of $11 billion dollars lost to violent crime each year.
The financial literature is full of stories of people who have committed a fraud or companies
victimized by fraud. The financial press also frequently publishes estimates of the losses
incurred as a result of fraud.
Consider the following estimates of fraud in the United States:

Χ Health agencies estimate fraud represents 10 percent of the nation’s health-care bill at a
cost of $75 to $130 billion a year.
Χ The tax gap, which is the difference between what people owe the government and what
they pay, exceeds $200 billion a year.
Χ The IRS estimates that electronic-tax-filing fraud costs the government billions of dollars
a year. For example, in one 10-month period, fraudulent electronic returns increased 105
percent.
Χ Thirteen percent of credit-card sales resulted in loss due to fraud. For example, fraud
losses at MasterCard exceed $300 million a year.
Χ Losses related to telephone fraud exceed $10 billion a year.
Χ Some 60 percent of Americans have shoplifted. An estimated 200 million shoplifting
incidents a year cost U.S. businesses almost $12 billion, or about $150 per family per
year.
Χ The National Center for Crime Data found that 80 percent of the 75 frauds they studied
were the work of insiders. Such frauds were perpetrated most frequently by
programmers, data-input clerks, and bank tellers.
Χ Thirty percent of all business failures are caused by fraud.
Χ The management of 45 of the 100 largest military suppliers is under investigation for
fraud.
1
Fraud is not a problem that is confined to the United States. In the United Kingdom, more than
300 cases of fraud involving amounts in excess of $150,000 were reported in a recent five-year
period. A survey in Ireland shows that during a three-year period, over 40 percent of the largest
500 corporations experienced a fraud. In recent years, Canada has reported losses of $39 million
from fraud. The biggest losses were a result of false financial statements, kickbacks, and
phantom vendors.
Not only are the losses to fraud very high, but the estimates of the number of people who commit
or would commit a dishonest act are also very high. Consider the following estimates:
Χ The director of fraud and security for a large consulting company stated that of every 10
workers, three look for a way to steal, three would steal if given an opportunity, and four
would usually be honest.
Χ Two out of every three college students admit to cheating on exams.
Χ An Institute of Management study found that 87 percent of managers were willing to
commit fraud if it would make their organizations look better.
Χ A study of 400 people found that 47 percent of top executives, 41 percent of controllers,
and 76 percent of graduate-level business students were willing to commit fraud by
understating write-offs that cut into their company’s profits.
One of the reasons why the losses to fraud are so much greater than those for violent crimes is
that fraud “pays better” than other crimes. One study found that the average loss to robbery was
$250 and to burglary was $450. In contrast, the average fraud committed by a company
employee was $23,500, and the average loss in a computer fraud was $500,000.
It is important to remember that the estimates of fraud losses are only that: estimates. The fact is
that no one really knows how much money is lost to fraud each year. Many frauds are not
detected and many of those that are detected are not reported to authorities. What we do know,
however, is that the losses are very large and that they are growing.
Definition of Fraud
Just what is this fraud that costs society so much, and exactly what does it consist of? It is
usually more difficult for auditors to discover frauds than it is to uncover errors because of the
intended deception associated with a fraud.
Fraud is defined as an intentional act of deceit for the purpose of gaining an unfair advantage that
results in an injury to the rights or interests of another person. This can be done using things
such as presentation of false or misleading information, suppressions of the truth, lies, tricks, and
cunning. Fraud perpetrators are often referred to as white-collar criminals to distinguish them
from criminals who commit violent crimes.
To commit most frauds, a perpetrator must take three different steps: the theft itself; converting
the asset to personal use; and concealing the fraud.
First, the fraudster must take something of value, such as cash, inventory, tools, supplies,
equipment, or data. It can also be an intentional reporting of misleading financial information.
2
Second, the perpetrator converts the assets into a form that can be used personally. This
conversion is usually required for all stolen assets except cash. Stolen checks must be deposited
to an account from which the perpetrator can withdraw funds. Information (such as trade secrets
or confidential company data) is often sold to someone such as a competitor.
Industry experts estimate that computer companies annually lose up to $200 billion in computer
chips due to armed robbery and employee theft. In some circles, computer chips are better than
gold. Their theft is being referred to as the crime of the electronic age. Employees who steal
these chips must convert them to cash. A sophisticated black market exists for the chips, and
they often change hands as much as ten times in three days. When some companies run short of
chips, they often end up buying their stolen chips back.
The following example illustrates the conversion process.
Example: On the advice of its trusted manager, a brand-name carpet manufacturer approved
purchase orders replacing looms described by a subsidiary as deteriorated past
reconditioning. But instead of being discarded or sold to a dealer, the used looms,
which were in perfectly sound condition, found their way to another building in a
town close by, along with skilled workers to man them. In a short time, a new low-
priced carpet maker was bidding against the original brand.
Third, the perpetrator must conceal the crime in order to avoid detection and to continue the
fraud. Concealing a fraud often takes more time and effort and leaves behind more evidence
than the actual theft does. Where there are checks and balances in the system, the perpetrator
often must “cook the books” to avoid detection.
The theft of cash may require the employee to doctor the bank reconciliation or to make false
accounting entries to avoid detection. Taking cash takes only a few seconds, but altering records
to hide the theft can be more challenging and time-consuming. One effective way to hide an
employee theft is to charge the stolen item off to an expense account.
An employee could steal $10,000 and charge it off to miscellaneous expense. Or, a payroll clerk
could add a fictitious name to the employee payroll records, intercept the paycheck, and cash it.
The company would be missing funds, but the books would be in balance because there was a
debit to a wages expense and a credit to cash.
In the case of expense accounts, the perpetrator’s principal exposure is limited to a year or less,
because expense accounts are zeroed out at the end of the year.
If perpetrators chose to hide the theft by affecting another balance-sheet account, they would
have to continue to hide it. Hence, one of the most popular ways to cover up a fraud is to hide the
theft in an income-statement account.
One of the most effective ways to prevent the theft-conversion-concealment process is to have an
effective system of internal controls. When such a system of controls is in effect, fraud is made
much more difficult. The internal control system must either be overridden or two or more
3
perpetrators must collude with each other.
The Nature and Elements of Fraud

A typical fraud has a number of important elements or characteristics.
1. The perpetrator of the fraud must have gained the trust or confidence of the person or
company being defrauded. This confidence makes it possible for the perpetrator to
commit and conceal the fraud. For this reason, fraud schemes are often referred to as
cons (from the word CONfidence).
2. In contrast to most other crimes, a perpetrator uses trickery or cunning to commit the
fraud rather than force. Instead of using a gun, a knife, or physical force to commit a
crime, perpetrators use false or misleading information. The intent is to get someone to
give them money or assets. They hide their tracks by falsifying records or other
information about the asset.
3. Most frauds, once begun, are rarely terminated voluntarily by the perpetrator. The greed
of the perpetrators is such that they continue to exploit the opportunity to obtain extra
funds, which they try to increase and extend. Once perpetrators start committing fraud, it
is very hard for them to stop. The following factors are reasons that perpetrators continue
a fraudulent scheme:
a. They usually begin to depend on the “extra” income and cannot afford to stop.
b. When faced with the prospect of having additional money at their disposal, many
move to a higher lifestyle that requires even greater amounts of money.
c. Most perpetrators will take as much money as they think their particular scheme
or method will allow them to take. The amount taken is usually limited only by
the success perpetrators have in concealing their actions or in the accidental or
contrived opportunities the perpetrator is able to discover or create.
d. Some frauds are self-perpetuating. If perpetrators stop, their actions would be
discovered, and they would get caught.
e. For these reasons, there are no small frauds -- only large ones that got detected
early.
4. Fraud perpetrators very rarely save or invest what they embezzle. Instead, they spend it.
In all of the cases that one particular fraud expert has investigated or read about, he has
only uncovered two perpetrators that “saved” the money embezzled. One perpetrator
converted the money to gold bullion and stashed it in his basement. The other put the
money into trust funds for her grandchildren.
5. If the perpetrators are not caught shortly after they begin, they typically become more
confident of their scheme. Many get greedy and take ever-larger amounts of money at
more frequent intervals. These larger amounts are more prone to be scrutinized carefully,
and a scheme that might have gone undetected for some time is uncovered because the
amounts taken rise to unacceptable levels.
6. As time passes, many perpetrators grow careless or overconfident and do not take
sufficient care to effectively hide their fraud. Such perpetrators usually make a mistake
that leads to their apprehension.
7. In time, the sheer magnitude of the amount of the fraud leads to its detection.
Example: For example, at one auto repair shop, the accountant, a lifelong friend of the shop’s
owner, embezzled ever-increasing funds from the shop over a seven-year period. In
4
the last year of the fraud, when the embezzler took over $100,000, the owner, facing
bankruptcy, eventually had to fire the accountant and have his wife take over the
bookkeeping. When the company began doing better, the wife began looking into the
reasons for the recovery. She uncovered the fraud.
8. The most significant contributing factor in most frauds is the failure to enforce existing
internal controls.
Types of Fraud
This course discusses four types of fraud:
1. A theft of assets, which many people refer to as employee fraud or a defalcation. SAS
No. 99, Consideration of Fraud in a Financial Statement Audit, refers to this as a
misappropriation of assets.
2. Management fraud, which SAS No. 99 refers to as fraudulent financial reporting.
3. External fraud.
4. Investment fraud.
The Association of Certified Fraud Examiners (ACFE) sent out 8,000 questionnaires to its
members asking them to report on frauds they were aware of. They had 2,563 usable responses
to their questionnaires. The study did not specifically delve into fraudulent financial reporting or
investment fraud, but it did look into employee and external frauds such as customer and vendor
frauds. The study shows that 61.8 percent were employee frauds; 6.2 percent were vendor
frauds; 11.4 percent were customer frauds; and 11.6 percent involved collusion between
employee and an outsider. (Other studies have shown that up to one-third of all fraud involves
collusion.)
It is very difficult to prevent or detect collusion involving two or more employees or collusion
between a customer or vendor and a company employee. The preventive aspect of the internal
control system can often be negated or circumvented by collusion. In addition, when two or
more people work together, it is much easier for perpetrators to hide their tracks.
Example: Two women at a credit-card company colluded to steal funds. One woman was
authorized to set up credit-card accounts, the other to write off unpaid accounts of
less than $1,000. The woman who created the accounts simply created a new account
for each of them using fictitious data. When the amount outstanding neared the
$1,000 limit, the woman in collections wrote them off. The first woman would then
create two new cards, and the process would be repeated. The women were caught
when one of them kicked her live-in boyfriend out of the house and would not let him
back in. To get even, he called the credit-card company and told the company what
the women were doing.
The most frequent forms of employee/vendor collusion include billing at inflated prices;
performing substandard work and receiving full payment; payment for nonperformance;
duplicate billings; and improperly funneling more work or purchasing more goods from a
colluding company.
5
The most frequent forms of employee/customer collusion include unauthorized loans or

insurance payments; receipt of assets or services at unauthorized discount prices; forgiveness of
amounts owed; and unauthorized extension of due dates.
Collusion may cause the auditor to believe that evidence is persuasive when it is, in fact, false.
For example, through collusion, false evidence that control activities have been performed
effectively may be presented to the auditor, or, the auditor may receive a false confirmation from
a third party who is colluding with management.
Employee Fraud
SAS No. 99, Consideration of Fraud in a Financial Statement Audit, defines misappropriation of
assets as “... the theft of an entity’s assets. Misappropriation can be accomplished in various
ways, including embezzling receipts, stealing assets, or causing an entity to pay for goods or
services not received. Misappropriation of assets may be accompanied by false or misleading
records or documents and may involve one or more individuals among management, employees,
or third parties.”
One study of 270 employee frauds found that 261 of the frauds involved the theft of cash. Cash
is far and away the most likely asset to be stolen because it can easily be spent; it does not need
to be converted into a spendable form, as do inventory and fixed assets; and it is usually easier to
take a larger amount of cash than any other type of asset.
The theft of cash can take many forms, including:

• Stealing cash itself (there are many ways to do this, such as underringing sales, taking
petty cash, taking cash and issuing a credit memo, or giving a fictitious refund for the
amount stolen, etc.);
• Using company checks or credit cards to pay personal expenses;
• Submitting false expenses, such as for travel;
• Overstating hours worked or increasing one’s monthly salary without authorization;
• Creating fictitious employees and cashing the paychecks, or cashing the checks of a
terminated employee;
• Stealing duplicate payments;
• Creating a fictitious vendor, submitting fraudulent invoices to the company, and cashing
the checks to pay for the fictitious goods;
• Granting loans to fictitious borrowers; and
• Stealing checks made out to the company or to someone else and cashing them.
Example: Albert Miano, a middle manager at Reader’s Digest making $35,000 per year,
embezzled $1 million from 1982 to 1987. Miano was responsible for processing bills
from the painters and carpenters at Reader’s Digest headquarters. As a test of the
system, he forged the signature of a superior on an invoice for painting that was never
done, submitted it to accounts payable, and told them to give him the check because
the painter needed it in a hurry. When the check went through, Miano forged the
painter’s endorsement on the check and deposited it in his own account. The scheme
was so easy he continued it for five years, buying a $416,000 contemporary house in
Connecticut, five cars, and an $18,000 motor boat.
6
There are many other types of employee fraud, including theft of inventory or other assets, the
unauthorized sale of assets, collusion with customers or suppliers, kickbacks and bribes, use of
company resources for personal purposes, and false reports or entries into accounts to improve
performance or cover missing assets.
Example: An information-systems manager at a Florida newspaper went to work for a

competitor when he was fired. Before long, the first employer realized its reporters
were constantly being scooped. The newspaper finally discovered the manager still
had an active account and password and regularly browsed its computer files for
information on exclusive stories.
Example: A Continental Illinois Bank vice president that was charged with approving $1 billion
in bad loans in exchange for $585,000 in kickbacks. The loans cost the Chicago bank
$800 million and helped trigger its collapse.
Fraudulent Financial Reporting

SAS No. 99, Consideration of Fraud in a Financial Statement Audit, defines fraudulent financial
reporting as “... intentional misstatements or omissions of amounts or disclosures in financial
statements to deceive financial-statement users.” It further states that fraudulent financial
reporting may involve acts such as:
• Manipulation, falsification, or alteration of accounting records or supporting documents
from which financial statements are prepared;
• Misrepresentation in, or intentional omission from, the financial statements of events,
transactions, or other significant information; and
• Intentional misapplication of accounting principles relating to amounts, classification,
manner of presentation, or disclosure.
The National Commission on Fraudulent Financial Reporting (also known as the Treadway
Commission) defines fraudulent financial reporting similarly: “... intentional or reckless conduct,
whether by act or omission, that results in materially misleading financial statements.”
Fraudulent financial reporting is usually committed by those high enough in an organization to

override internal controls. It may be motivated by a number of things, such as a need to deceive
investors and creditors, to cause the company’s stock price to rise, to meet cash-flow needs, or to
hide company losses and problems. Perpetrators of fraudulent financial reporting often receive
an indirect benefit from the fraud, such as they keep their job; the price of their stock rises; they
receive pay raises they do not deserve; and they are perceived as very good managers, which
means they are highly respected and are able to wield considerable power.
Fraudulent financial reporting is a very serious issue, one that is of great concern to independent
auditors. This was born out by the Treadway Commission’s study of over 450 lawsuits against
auditors between the years 1960 and 1985. They found fraud to be a factor in approximately 50
percent of them. When the Treadway Commission issued its recommendations, it suggested
several things that could be done to reduce the possibility of fraudulent financial reporting.
1. Establish an organizational environment and tone that contributes to the integrity of the
7
financial-reporting process.
2. Identify and understand the factors that can lead to fraudulent financial reporting.
3. Assess the risk of fraudulent financial reporting that these factors can cause within the
company.
4. Design and implement internal controls that provide reasonable assurance that fraudulent
financial reporting will be prevented.
Fraudulent financial reporting and misappropriation of assets are different in several ways:
a. Misappropriation of assets is committed against an entity, most often by employees,
while fraudulent financial reporting is usually committed by management to deceive
financial-statement users.
b. Misappropriation of assets involves the theft of assets, while most fraudulent financial
reporting involves the overstatement of assets or revenues.
c. Few employees or companies are motivated to steal or overstate liabilities or equities.
d. However, companies are motivated to understate liabilities as a means to fraudulently
misstate financial statements.
Both types of fraud can but do not necessarily result in material misstatements of an entity’s
financial statements.
External Fraud
Most organizations have safeguards over corporate assets that make it relatively more difficult
for an outsider to steal company assets. More often, the theft or misstatement comes from an
insider who has a knowledge and understanding of the company’s policies and procedures for
safeguarding assets. With that knowledge, the person is able to violate a trust, evade control
procedures, and commit and conceal the crime.
The following estimates reflect the frequency of fraud committed by insiders versus fraud
committed by outsiders. Retail stores estimate that 70 percent of their losses are a result of
employee theft; only 30 percent result from shoplifting. Banking organizations estimate that
over 90 percent of their fraud losses come from employee frauds. Less than 10 percent come
from external parties such as bank robbers and customers or suppliers.
However, even though external fraud is more difficult to commit, there is still a great deal of it,
and companies must take steps to protect against it.
External fraud is often categorized by the relationship of the perpetrator to the organization.
Fraud perpetrated by someone who buys from a company is referred to as customer fraud. Fraud
perpetrated by someone who sells goods to a company is referred to as vendor fraud.
In customer fraud, the perpetrator is able to get something of value without having to pay for it.
There are many ways to do this.
In a bust-out, the perpetrator may purchase goods but not pay for them. A bust-out is a
premeditated bankruptcy or insolvency, in which the perpetrator sets up a business; places small
orders for goods with as many suppliers as possible; sells the goods to retailers or other buyers at
8
deep discounts (often 25 percent or more); and uses the cash to promptly pay for the goods to
build up a good credit record. Good credit histories with large established companies help lure
in smaller suppliers. After the perpetrator wins the confidence of suppliers, he or she places
huge orders with all suppliers as often as possible and then sells all the goods at discounted
prices. When the suppliers finally get wise and cut the perpetrator off, he or she declares
bankruptcy or moves to a new city to start the process all over again. In the last few years, the
number of bust-outs has increased 30 to 50 percent.
Example: Over a 15-year period, a con artist named Al Forman was involved in 25 separate
bust-outs, each of which netted him $1 million to $4 million dollars.
Example: An individual set up Discount Merchandise (appropriately named) in Chicago and

bilked vendors for $3.2 million over an 18-month period. At the end of the bust-out,
Discount Merchandise was ordering so much that tractor trailers were lined up
outside its warehouse from morning until night. To hide the influx of cash, every
week members of the individual’s family would spend hours going from bank to bank
depositing $9,900 into each of their various bank accounts. In one year, they
deposited almost $2 million. The individual was finally caught, convicted of fraud,
and given a six-year prison sentence.
In a bleed-out, a company that has been in business for years goes out of business slowly by
refusing to pay creditors, one by one, until finally no one will extend it any more credit. It is
hard to prove that this is not just a business that has fallen on hard times.
The perpetrator may trick a company into sending goods or providing services and then not send
a bill, or send it to someone else. For example, perpetrators may break into a phone system or
steal a calling-card number and make phone calls that they are either not charged for or that are
billed to someone else. Or the perpetrators may try to use fake credit cards.
Example: One perpetrator found a way to break into a mail-order company’s computer system
and have the system send him merchandise but not a bill.
Example: A technology enthusiast named John Draper discovered that the whistle offered as a
prize in Cap’n Crunch cereal exactly duplicated the frequency of a WATS line. He
used his discovery to defraud phone companies by making a large number of free
telephone calls.
Bank customers can write NSF (not sufficient funds) checks, counterfeiters can create bogus
checks, or people can use stolen credit cards. The number of check-fraud cases has increased
from 537,000 to 1,267,000 over a recent two-year period and now costs commercial banks
almost $1 billion per year. Much of the increase is due to an organized effort by counterfeiters.
Corporate payroll checks are particularly vulnerable to these schemes.
Example: A band of counterfeiters moved from town to town in the Northwest several years
ago. They illegally obtained a copy of a payroll check from a large employer in the
9
town. Then they used a desktop publishing package and a laser printer to make bogus
checks. They capitalized on the fact that banks are normally required to cash
corporate checks immediately. On the day workers were paid, they flooded the town
with the checks and then moved on. The larger the bank, the more likely it is to
become a victim of organized counterfeiters. Almost 80 percent of the banks with
more than $5 billion in assets (as compared to only 48 percent of smaller banks) said
that professional con artists were responsible for most of their bad-check losses.
Companies or governmental entities are defrauded when their customers submit false or inflated
claims for insurance, disability, public assistance, Social Security, accidents, fires, theft, or
natural disasters. They even fake auto accidents and deaths.
Perpetrators can obtain bogus loans or fraudulent grants by filing false financial statements,
appraisals, credit ratings, or employee information, or pledging nonexistent capital.
In vendor fraud, the perpetrator gets a company or individual to fraudulently pay for goods or
services. Some examples of vendor fraud include inflating prices; substituting goods of inferior
quality; short-shipping; billing for services not performed; billing for goods not delivered; and
multiple billings for the same service.
The vendor may commit the fraud without help from an insider or by colluding with a company
employee. For example, a purchasing agent authorizes the purchase of goods at significantly
inflated prices and then receives a kickback of 25 percent of the overcharged amount.
Example: A kickback scheme at Avondale Shipyards resulted in the company’s paying $47
each for welding-gun tips that should have cost only $20 each.
Investment Fraud
In an investment fraud, the perpetrator sells an investor a worthless or overpriced investment or
promises an unusually high rate of return that cannot be honestly earned. Many of these frauds
are Ponzi schemes.
Many people regard Charles Bianchi, who used the alias of Charles Ponzi, as the king of
investment swindles. In 1920, Ponzi told investors he could purchase postal reply coupons in
Europe for one cent each and exchange them in the United States for 10 cents worth of postage
stamps. These stamps could then be converted into cash. However, he did not have the financial
resources to buy all of the postal reply coupons he could find, so he was willing to let others
invest with him. He promised to pay the investors a 50-percent return on their money every 45
days. However, Ponzi never invested more than a few dollars in the coupons. Instead, he took
the money of later investors and used it to pay off earlier investors. As he paid off his first
investors, word got around and hundreds of investors flocked to him seeking the high returns he
promised. In eight months, Ponzi cheated his investors out of $15 million. Ponzi’s only expense
was the 50 percent he promised to pay his investors. He spent the rest.
Ponzi’s scheme required an ever-increasing amount of money to keep it from collapsing.

However, the scheme never grew big enough to collapse. A Boston newspaper reporter
10
investigated Ponzi and found that Europe had less than $1 million in postal reply coupons. Ponzi
was given federal and state jail sentences and was later deported. He died a pauper in Brazil.
Ponzi has had many imitators, and this type of fraud is known as a Ponzi scheme.
“Red flags” Indicating an Investment Scam

There are a number of red flags present in most investment frauds. The presence of any one of
these red flags does not indicate that an investment is a scam, but the more that are present, the
more likely it is that something is fishy. Some of the more important red flags are now described
Χ The investment does not make good business sense. For example, the investment has
abnormal rate of return, yet is promoted as having a low risk; the promised rate of return
is not reasonable when compared to other similar investments; or the investment assumes
continued and unrealistic inflation or appreciation in predicting the attractive rates of
return.
Χ Hurry and high pressure factor. Getting in early is critical; there is a rush to “act now”
and invest money immediately. Also, there is pressure to invest all savings.
Χ The proposed investment is based on a special or “little-known” tax loophole or tax-
avoidance scheme. Remember, even if the loophole and tax-avoidance investment is
legitimate, it can vanish with a stroke of the congressional pen.
Χ The investment approach cannot be fully disclosed. It is one of the investment’s unique
reasons for success.
Χ The investment depends on kickbacks and/or complicated marketing schemes. It could
also involve special concessions to those who have money, or unwritten deals that cannot
be talked about because of domestic or foreign laws.
Χ The investment’s success depends upon someone’s “unique expertise.” Examples are an
uncanny ability to predict commodity prices and pick investments. Remember, even if the
claim is accurate, the person with the special skills might leave.
Χ Guarantees. However, a written promise is not worth much when a company goes
bankrupt.
Χ New company in town. This is a red flag if the company offering the investment is new in
town, cannot provide financial statements, or is evasive about where the principals come
from and what their operations were in previous locations. It is possible that the
principals had been involved in bankruptcy or scandals previously.
Χ The principals are doing well. The principals in the business are living high on the hog
even though the business is relatively new. Just because they look successful does not
mean they are. They could be living so high because they are diverting company funds.
Χ The investor feels sorry for the principals. The investor wants to put additional money in
to help the principals overcome temporary problems.
Χ The investor is excited about the investment. It is endorsed by a friend, fellow church
member, family member, or new business acquaintance. Or, the emotional desirability of
holding the investment or asset is its principal attraction.
Summary
When 87 percent of managers surveyed indicate that they are willing to commit fraud if it would
make their organizations look better, we realize that fraud is a very serious problem. And,
unfortunately, societal trends lead us to believe that the problem will not get better any time
soon.
11
Charles Ponzi Case
Charles Ponzi was such a famous swindler that the investment fraud technique he used was
named after him, though he was not the first to use the scheme.
Carlo Bianchi was born in Italy in 1882. He was a postal worker and attended the University of
Rome. In 1903, he dropped out to immigrate to the United States under the name Charles Ponzi.
He arrived in Boston with $2.50 in his pocket, having gambled away the rest of his savings
during the voyage.
Ponzi worked odd jobs until he lost his waiter job for shortchanging customers. He moved to
Canada and worked for a bank that paid double the going interest rate by dipping into new
accounts. The bank failed and the owner fled to Mexico. Destitute, he forged a $423.58 check
and was sentenced to 3 years in prison. To hide his conviction from his mother, he wrote that he
had found a job as a "special assistant" to a prison warden.
Released after less than 2 years, he was caught smuggling Italians into the U.S. and spent two
years in an Atlanta prison. When he was released, he returned to Boston, married in 1918, and
started a company that failed.
Before his company failed, Ponzi received an international postal reply coupon (a form of pre-
paid postage) in the mail. A coupon, purchased abroad, could be exchanged in the U.S. for
postage to send a letter back abroad. Before World War I, prices were fixed so that the cost of a
coupon was the same in every country. When the war ended, many European currencies fell in
value while the coupon exchange rate remained the same. Ponzi learned that a coupon purchased
in for 1 cent in Europe could be redeemed for six 1-cent stamps in the U.S.
Ponzi started the Securities Exchange Company in December 1919 and set out to profit from this
price differential. His plan was to:
1. Convert American money into a currency where the exchange rate was favorable
2. Use the funds to purchase postal reply coupons in countries with weak economies
3. Exchange the coupons back into a favorable foreign currency
4. Convert the funds back into American dollars
Ponzi claimed 400% profits, after expenses and exchange rate fees. To help fund his purchases,
he promised investors a 50% return on their money in ninety days, but claimed he could deliver
in just forty-five days. In other words, you could double your money in just 90 days.
Ponzi’s notes read as follows:
The Securities Exchange Company, for and in consideration of the sum of

exactly $1,000 of which receipt is hereby acknowledged, agree to pay to the
order of ___________, upon presentation of this voucher at ninety days from
date, the sum of exactly $1,500 at the company's office, 27 School Street, room
227, or at any bank.
12
The Securities Exchange Company,

Per Charles Ponzi.
Ponzi hired people to market his investment and paid generous commissions. However, his best
marketing was paying early investors double their money in 45 days. By February 1920, Ponzi
had taken in $5,000. By July 1920, he had taken in millions. At its peak, he had people lined up
for blocks trying to give him money and was taking in over $1,000,000 a week. People were
investing their life savings and widows were mortgaging their homes. So much money came in
it filled every desk drawer, wastepaper basket, and closet. To support his scheme, Ponzi
obtained a controlling interest in the Hanover Trust Bank.
Ponzi never invested the money he received in postal reply coupons. Instead, he used the money
of later investors to pay off earlier investors. This was easy to do because of the tremendous
growth in new money and the roll over of many of the old notes.
Ponzi splurged on a lavish lifestyle. He bought a 20-room mansion with air conditioning and a
heated swimming pool. He bought the finest jewels and dresses for his wife and the finest suits
for himself. His fellow Italians considered him a hero and cheered him wherever he went.
Early on, Ponzi was investigated by federal, state, and local authorities but no one could prove
wrongdoing. Ponzi paid his notes on time and no one filed a complaint against him.
When a furniture dealer sued him unsuccessfully, people who wondered how he could go from
broke to multi-millionaire so fast triggered a run on his company. His prompt payments quelled
the unrest and demands for repayment.
On July 24, 1920, the Boston Post ran a positive article that led to a surge in investments. That
same week he met with Massachusetts investigators and promised to stop taking in money while
they investigated him.
On July 26, the Post began a series of articles questioning Ponzi and his company. One article
quoted Clarence Barron, a financial analyst and the publisher of Barrons (a financial newspaper).
Barron stated that Ponzi would have to have purchased 160 million postal reply coupons based
on the money he had taken in, but there were only some 27,000 in circulation. Barron also stated
that the administrative costs necessary to handle the currency exchanges and the transaction costs
of purchasing, transporting, and redeeming such a large number of coupons would quickly eat up
the profits. The U.S. Post Office confirmed that large quantities of postal reply coupons were
not being purchased, either in the U.S. or abroad.
The articles caused investors to panic. Large and unruly crowds gathered at the Securities
Exchange Company. Ponzi calmed the crowd and gave out free coffee and donuts. Many were
so reassured they changed their minds about withdrawing their money. Even so, in three days
Ponzi repaid over $2 million in loans to over a thousand people.
Ponzi hired James McMasters as his publicity agent. Ponzi’s contradictory statements and the
13
ongoing investigations made him so suspicious he quit. He sold his story to the Boston Post,
who quoted him as saying that Ponzi was a "financial idiot." On August 2, the Post claimed he
was bankrupt. Then the Post disclosed Ponzi's criminal record and published his mug shots.
On August 10, federal agents shut down the Securities Exchange Company. They did not find
any postal reply coupons. The Hanover Trust Bank was also shut down. Four other banks soon
closed their doors.
Ponzi was arrested by federal authorities on August 13 and charged with 86 counts of fraud. He
was released on a $25,000 bond, immediately arrested by Massachusetts authorities, and released
on another $25,000 bond. There were federal and state civil and criminal trials, bankruptcy
hearings, individual suits against Ponzi, and suits filed by Ponzi.
On November 1, 1920, Ponzi pled guilty to mail fraud and was sentenced to five years in federal
prison. In jail, he continued to receive funds from people who still trusted him.
An estimated 40,000 people (including ¾ of the Boston Police Force) invested $15 million ($140
million in today’s dollars) in Ponzi’s scheme. That was enough to buy some 180,000,000 postal
coupons. Authorities were able to confirm the purchase of only two. Ponzi’s only legitimate
income during the fraud was $45 in dividends from five shares of stock. He had assets of
$1,593,834.12. It took eight years, but investors eventually received 37% of their money back.
Released after serving three and one-half years, Massachusetts sentenced him to nine years. He
was released on a $14,000 bond pending an appeal.
He jumped bail, fled to Florida, purchased worthless land for $16 an acre, subdivided it into 23
lots, sold each for $10, and made $214 per acre. He promised gullible investors who reinvested
their profits that in two years the land would increase in value to $5.3 million. Sentenced to a
year in a Florida prison, he jumped bail on June 3, 1926 and fled to Texas. He disguised his
appearance by shaving his head and growing a mustache and signed on as a crewman on a
merchant ship headed for Italy. He was captured on June 28th when the boat docked in New
Orleans.
Ponzi was returned to Boston, imprisoned, and released after seven years. He was deported to
Italy on October 7, 1934 since he never had become an American citizen. Although his wife
eventually divorced him, they exchanged love letters until Ponzi died.
In Italy, Ponzi worked as an English translator and tried several unsuccessful schemes. In 1939,
he landed a job with Italy’s new airline as the Rio de Janeiro, Brazil branch manager. Ponzi
discovered airline officials using the carrier to smuggle currency. When they refused to give
Ponzi a cut, he tipped off the Brazilian government. During World War II, Brazilian authorities
shut the airline down because it was being used to ship strategic war materials.
Ponzi spent the last years of his life in poverty. He was unsuccessful in running a Rio lodge,
taught English, and received unemployment funds. He had a stroke in 1948, and died in a charity
hospital in Rio de Janeiro on January 18, 1949.
14
In the hospital, Ponzi granted an interview to an American reporter: "Even if they never got
anything for it, it was cheap at that price. Without malice aforethought I had given them the best
show that was ever staged in their territory since the landing of the Pilgrims! It was easily worth
fifteen million bucks to watch me put the thing over!"
Because Ponzi’s scheme was so large and so talked about, all subsequent “use money from later
investors to pay earlier investors” frauds have been called Ponzi schemes.
15
Chapter 1: Review Questions
Chapter 1 Review Questions
rationales.
1. The Association of Certified Fraud Examiners estimates that fraud costs the U.S.:
A. $11 billion a year.

B. $120 billion a year.
C. $660 billion a year.
D. $900 billion a year.
2. True or false: Fraud is defined as an intentional act of deceit for the purpose of gaining
an unfair advantage that results in an injury to the rights or interests of another person.
A. True.
B. False.
3. To commit most frauds, a perpetrator must take which three steps?
A. Waiting for the opportunity to present itself; a pressure existing; and rationalizing
the act.
B. Committing the theft itself; converting the asset to personal use; and rationalizing
the act.
C. Committing the theft itself; converting the asset to personal use; and concealing
the fraud.
D. Waiting for the opportunity to present itself; converting the asset to personal use;
and concealing the fraud.
4. True or false: Concealing a fraud often takes more time and effort and leaves behind
more evidence than the actual theft does.
A. True.
B. False.
5. An effective way for an employee to hide theft is to charge the stolen item off to:
A. An asset account.
B. A liability account.
C. An equity account.
D. An expense account.
6. Granting loans to fictitious borrowers is an example of:
16
A. Employee fraud.
B. Management fraud.
C. External fraud.
D. Investment fraud.
7. Which of the following would involve acts such as the misrepresentation in or intentional
omission from the financial statements of events, transactions, or other significant
information?
A. Employee fraud.
C. External fraud.
8. A bust-out, a premeditated bankruptcy or insolvency, is an example of:
A. Employee fraud.
C. External fraud.
17
Chapter 1: Review Question Answers and Rationales
Chapter 1 Review Question Answers and Rationales
1. The Association of Certified Fraud Examiners estimates that fraud costs the U.S.:
A. $11 billion a year. This answer is incorrect because $11 billion is what the
Association of Certified Fraud Examiners estimates as the cost of violent crime,
not the cost of fraud.
B. $120 billion a year. This answer is incorrect because the Association of Certified
Fraud Examiners estimates that fraud costs the United States $660 billion a year,
not $120 billion.
C. $660 billion a year. This answer is correct because the Association of
Certified Fraud Examiners estimates that fraud costs the United States $660
billion a year.
D. $900 billion a year. This answer is incorrect because the Association of Certified
Fraud Examiners estimates that fraud costs the United States $660 billion a year,
not $900 billion.
2. True or false: Fraud is defined as an intentional act of deceit for the purpose of gaining
an unfair advantage that results in an injury to the rights or interests of another person.
A. True. This answer is correct because fraud is defined as an intentional act of

deceit for the purpose of gaining an unfair advantage that results in an
injury to the rights or interests of another person.
B. False. This answer is incorrect because it is true that fraud is defined as an
intentional act of deceit for the purpose of gaining an unfair advantage that results
in an injury to the rights or interests of another person.
3. To commit most frauds, a perpetrator must take which three steps?
A. Waiting for the opportunity to present itself; a pressure existing; and rationalizing
the act. This answer is incorrect because the opportunity presenting itself; a
pressure existing; and rationalizing the act are not the three steps a perpetrator
must take to commit most frauds.
B. Committing the theft itself; converting the asset to personal use; and rationalizing
the act. This answer is incorrect because rationalizing the act is not one of the
three steps a perpetrator must take to commit most frauds.
C. Committing the theft itself; converting the asset to personal use; and
concealing the fraud. This answer is correct because with most frauds the
three steps a perpetrator must take are the theft itself, converting the asset to
personal use, and concealing the fraud.
D. Waiting for the opportunity to present itself; converting the asset to personal use;
and concealing the fraud. This answer is incorrect because the opportunity
18
presenting itself is not one of the three steps a perpetrator must take to commit
most frauds.
4. True or false: Concealing a fraud often takes more time and effort and leaves behind
more evidence than the actual theft does.
A. True. This answer is correct because concealing a fraud often does take
more time and effort and leave behind more evidence than the actual theft
does.
B. False. This answer is incorrect because it is true that concealing a fraud often
takes more time and effort and leaves behind more evidence than the actual theft
does.
5. An effective way for an employee to hide theft is to charge the stolen item off to:
A. An asset account. This answer is incorrect because balance sheet accounts are not
zeroed out at the end of the year which requires the employee to continue to hide
the fraud year after year.
B. A liability account. This answer is incorrect because balance sheet accounts are
not zeroed out at the end of the year which requires the employee to continue to
hide the fraud year after year.
C. An equity account. This answer is incorrect because balance sheet accounts are
not zeroed out at the end of the year which requires the employee to continue to
hide the fraud year after year.
D. An expense account. This answer is correct because the expense accounts are
zeroed out at the end of the year which limits the employee’s principal
exposure to a year or less.
6. Granting loans to fictitious borrowers is an example of:
A. Employee fraud. This answer is correct because granting loans to a fictitious

borrower would be perpetrated by an employee, making the fraud an
example of employee fraud.
B. Management fraud. This answer is incorrect because management fraud is related
to helping the company look better by fraudulent financial reporting rather than
stealing from the company by granting loans to fictitious borrowers.
C. External fraud. This answer is incorrect because external fraud is perpetrated by
an outside entity such as a customer or a vendor, rather than an employee.
D. Investment fraud. This answer is incorrect because investment fraud occurs when
the perpetrator sells an investor a worthless or overpriced investment or promises
an unusually high rate of return that cannot be honestly earned rather than stealing
from the company by granting loans to fictitious borrowers.
7. Which of the following would involve acts such as the misrepresentation in or intentional
omission from the financial statements of events, transactions, or other significant
information?
19
A. Employee fraud. This answer is incorrect because employee fraud is related to

the misappropriation of assets rather than fraudulent financial reporting
perpetrated by management.
B. Management fraud. This answer is correct because the misrepresentation in,
or intentional omission from, the financial statements of events, transactions,
or other significant information would be perpetrated by management,
making the fraud and example of management fraud.
C. External fraud. This answer is incorrect because external fraud is perpetrated by
an outside entity such as a customer or a vendor, rather than management.
an unusually high rate of return that cannot be honestly earned rather than
fraudulent financial reporting perpetrated by management.
8. A bust-out, a premeditated bankruptcy or insolvency, is an example of:
A. Employee fraud. This answer is incorrect because employee fraud is related to

the misappropriation of assets through knowledge and understanding of the
company’s policies and procedures for safeguarding assets rather than stealing
from the company by a premeditated bankruptcy or insolvency.
B. Management fraud. This answer is incorrect because management fraud is related
to helping the company look better by fraudulent financial reporting rather than
stealing from the company by a premeditated bankruptcy.
C. External fraud. This answer is correct because a premeditated bankruptcy
or insolvency would be perpetrated by an external third-party, making the
fraud an example of external fraud.
an unusually high rate of return that cannot be honestly earned rather than stealing
from the company by a premeditated bankruptcy.
20
Chapter 2: Who Commits Fraud and Why
Chapter 2 – Who Commits Fraud and Why

Learning Objectives
1. Identify the various types of fraud perpetrators, describe their characteristics, and explain
their reasons for committing fraud
2. Assess fraud risk and the benefits of fraud prevention techniques
When a new fraud is discovered, one of the most frequently asked questions is “Why in the
world did they do it?” The question is asked so frequently because the perpetrator is often a
well-respected employee who seemingly has everything to lose and not much to gain by
committing the fraud. This chapter explains who commits fraud and why they commit it.
Anyone who wants to prevent or detect fraud must understand who it is that commits fraud and
what motivates him or her to do so. We will first discuss what is known about fraud perpetrators
to see if we can build a profile that will help us spot potential perpetrators. We will then turn our
attention to societal forces that contribute to the increase in fraud.
Profile of the Fraud Perpetrator

Researchers at Brigham Young University conducted an empirical study to answer the question
“Are fraud perpetrators, as a group, different from the normal population, and are they different
from other property offenders?” The researchers conducted the study by comparing the
personality, criminal, and demographic characteristics of incarcerated fraud perpetrators (those in
a position of responsibility who illegally appropriated money from their employers) with those of
other incarcerated property offenders and normal population (represented by a group of
students).
Significant differences were found between the fraud perpetrators and the other property
offenders. Fraud perpetrators:
• Were more likely to be first-time offenders;
• Were less likely to get arrested, convicted, incarcerated, or to serve long sentences;
• Were older (possibly because it usually takes a while to get in a position of
responsibility);
• Were more likely to be women (30 percent, as compared to only two percent of the
property offenders);
• Had a more stable family life (more likely to be married, less likely to be divorced).
• Had more children;
• Were better educated;
• Were more likely to be active church members;
• Were less likely to use alcohol and drugs;
• Were less likely to be criminally inclined or to have a past criminal record; and
• Were in better psychological health. They were more optimistic, kind, empathetic,
socially conforming, and ambitious. They had higher self-esteem, self-control, and self-
sufficiency. They had less depression, self-degradation, impulsiveness, hostility,
dependence, and family discord.
21
The researchers found few differences between the fraud perpetrators and the normal population.
As compared to the normal population, the fraud perpetrators were:
• More dishonest;
• More independent;
• More sexually mature;
• More socially deviant;
• More empathetic; and
• Suffered more psychic pain.
Most of the above differences can be explained by the differences in the ages of the two
populations. On average, fraud perpetrators are older than the normal population. Therefore,
you would expect them to be more independent and sexually mature. Also, you might expect
incarcerated fraud perpetrators to be more dishonest, empathetic, and to have suffered more
psychic pain.
This and other studies show that the profile of property offenders, such as bank robbers and
burglars, is different from that of the “normal” population. In contrast, fraud perpetrators tend to
mirror the general public in terms of education, age, religion, marriage, length of employment,
and psychological makeup. In other words, there are not enough differences between fraud
perpetrators and the normal population to distinguish them from the general public.
Many fraud perpetrators are regarded as ideal employees; that is, dedicated, talented, intelligent,
well-educated, and hard-working. Before committing the fraud, they considered themselves to
be honest, upstanding citizens who were valued and respected members of their communities.
This is born out in a study of 212 actual cases of fraud. In that study:
1. Many audit directors responding to the fraud survey stated that the defrauders had to be
among the best employees in order to perpetrate and cover up the fraud while performing
at least satisfactory work.
• Thirty-eight percent of the perpetrators were described as being among the
company’s best employees prior to the detection of the fraud.
• Fifty-nine percent were described as being average employees.
• Three percent were described as being among the worst employees.
2. Most of the perpetrators were between the ages of 26 and 45.
• Fourteen percent were younger than 26.
• Thirty-eight percent were between the ages of 26 and 35.
• Thirty-five percent were between the ages of 36 and 45.
• Thirteen percent were older than 45.
3. Most perpetrators were not able to operate their fraud for very long before they were
caught.
• Fifty-one percent of the frauds were committed for less than a year.
• Twenty-two percent were committed from one to two years.
• Thirteen percent were committed from two to three years.
• Fourteen percent were committed for more than three years.
4. The less time they were employed, the more likely they were to commit a fraud.
• Twenty-six percent were employed less than three years.
22
• Fifteen percent were employed between three and five years.

• Thirty-one percent were employed between five and 10 years.
• Twenty-one percent were employed between 10 and 20 years.
• Seven percent were employed more than 20 years.
5. The older the perpetrator, the greater the amount of the fraud.
6. Most perpetrators were not college graduates.
• Fifty-two percent had some high school education or had graduated from high school.
• Sixteen percent had some college education.
• Twenty-six percent were college graduates.
• Six percent had some graduate school education.
7. Over 40 percent of the perpetrators were women. The amounts women took were, on
average, less than that taken by the men. A possible explanation is that the women had
been employed for a shorter period of time than the men. Therefore, there were fewer
women in positions of trust and more women in what would be called clerical positions.
Because fewer of the women were in positions of trust, they were less able to take large
sums of money.
8. Seventy-one percent of the frauds were perpetrated by a single individual; 29 percent
involved collusion. This is probably due to the fact that bringing another person into the
fraud is risky. In addition, most perpetrators do not want to share their ill-gotten gains
unless it is necessary to do so.
9. Few frauds (18 percent) were uncovered by auditors. This is not unusual in that most
audits are not conducted specifically for the purpose of detecting frauds. On the other
hand, it is disturbing that so few of the frauds were actually uncovered during the course
of a normal audit.
10. Forty-nine percent of the frauds were uncovered by accident, and 33 percent were
uncovered by anonymous tips. This illustrates that one effective way to detect fraud is to
set up some mechanism, such as a fraud hot line, to encourage anonymous tips.
When the results of these two studies are combined, we can conclude that it is relatively difficult
to profile fraud perpetrators or to predict who will move from being an otherwise honest, upright
citizen to becoming a perpetrator of a fraud.
The above profile describes “noncareer” criminals. Recently more “career” criminals have
found fraud to be a lucrative occupation.
Example: FBI director Louis Freeh testified before the Senate Special Committee on Aging that
cocaine distributors in Florida and California are switching to less risky but equally
profitable health-care scams. Their chances for detection are much less than with
trafficking drugs, and the profits are staggering. The bureau has some 1,500 cases
backlogged and would need to double the size of its 249-agent investigative team to
be taken seriously by scam artists who trade in bogus medical cards and phony
insurance claims.
Social Forces Contributing to Fraud

There are a number of societal trends or conditions that directly or indirectly contribute to fraud.
These social forces are influenced by political and economic conditions and social expectations.
23
We will discuss five of them:

1. Ostracism of the whistle-blower;
2. Failure to report fraud;
3. Failure of businesses to prosecute fraud perpetrators;
4. Failure of law-enforcement officials to prosecute fraud perpetrators; and
5. Light sentences given to perpetrators.
Ostracism of the Whistle-Blower

Ostracism of the whistle-blower is one societal factor that indirectly contributes to fraud. There
are numerous cases where the person blowing the whistle on a fraud has suffered more than the
perpetrator. When others see what happens to those who blow the whistle, they are reluctant to
come forward themselves. In essence they say, “I do not want what happened to [the
whistleblower] to happen to me.”
Example: One executive became a mole for a governmental agency and fed them information
about his employer’s illegal activities. When the case went public and his name was
accidentally disclosed, the whistleblower suffered severe consequences. His
employer charged him with theft, he was fired and locked out of the company’s
headquarters, his name was dragged through the mud by the press and news agencies,
the people in town stopped speaking to him, and his kids were picked on in school by
other children. He finally attempted suicide to escape what was happening.
Failure to Report Fraud

Many companies are reluctant to report detected frauds (less than 10 percent in one study)
because a highly visible fraud is a public-relations disaster. In some cases, the company loses
more from the adverse publicity than from the fraud itself. It also reveals the vulnerability of
their system, thereby possibly attracting more acts of fraud.
Failure of Businesses to Prosecute Fraud Perpetrators

Many businesses do not prosecute employees that commit a fraud. There are a number of
reasons for this.
• Often the perpetrator has spent the money that was stolen and has no assets to recover.
• Lawsuits are costly to pursue.
• Law-enforcement officials are not particularly interested in pursuing fraud cases in court.
• The company does not want to open themselves up to a countersuit for defamation of
character, wrongful termination, etc.
Failure of Law-Enforcement Officials to Prosecute Fraud Perpetrators

There are a number of reasons why law enforcement officials and the courts do not prosecute
fraud perpetrators.
• Law-enforcement officials and the courts are so busy with violent crimes that they have
little time for fraud cases where there is no bodily harm.
• Fraud is time-consuming to investigate:
o It is difficult to obtain court-admissible evidence;
o It is costly to prosecute; and
o It is hard to prove.
24
o As a result, it is harder to successfully prosecute fraud cases and to get convictions

than it is for many other types of crime.
• Many law-enforcement officials, lawyers, and judges lack the skills necessary to
investigate, prosecute, and evaluate some types of fraud, such as computer fraud.
• Law-enforcement officials are reluctant to prosecute cases when the companies recover
all or most of the funds lost.
• The definition of fraud is so vague no one really knows how much it really costs, so there
is not much motivation to go after fraud cases.
• Law-enforcement officials sometimes do not have adequate laws to go after fraud
perpetrators and make the charges stick.
Example: In one case, law-enforcement officials did not have a law that dealt specifically with
computer fraud. They had to prosecute using laws written for other purposes.
The problem of an inadequate computer-fraud law was partially resolved in the United States in
1986 when Congress passed the Fraud and Abuse Act. The law makes it illegal to knowingly
gain access to computers with intent to defraud; and buy and sell computer passwords.
The computer fraud is a felony if more than $1,000 of software is damaged or if money, goods,
or services are stolen. The penalties are severe: 1-5 years for the first offense, 10 years for the
second offense; and 20 years for three or more offenses. The range of possible fines is up to
$250,000 or twice the value of the stolen data.
Light Sentences for Perpetrators

When fraud cases are prosecuted and a conviction is obtained, the sentences received are often
very light. Jack Anderson, a columnist, was quoted as saying that the average sentence for a
fraud perpetrator was one year in jail for every $10 million stolen.
Example: One judge, when sentencing convicted white-collar criminals, stated that all of them
were God-fearing men, highly civic-minded, who have spent their lifetimes in sincere
and honest dedication and service to their families, their churches, their country, and
their communities. He said he could never send them to jail.
Example: A man who stole $1 million from a phone company was sentenced to 40 days in a
work-release program and fined $8,500.
Example: One of the most famous cases of a light sentence was that of C. Arnold Smith. He
was the owner of the San Diego Padres baseball team and was named Mr. San Diego
of the Century. He was very involved in the community and made heavy political
contributions. However, Mr. Smith was also charged with the theft of $200 million
from his bank. He pleaded nolo contendre to the charges and he was given a sentence
of four years probation and a $30,000 fine. The fine was to be paid at the rate of
$100 a month for the following 25 years, with no interest. Mr. Smith was 71 at the
time. The embezzled money was never recovered.
Studies estimate the probabilities of a person going to jail if they commit a fraud. One study
25
found:
Χ Fifty-one percent of the perpetrators were prosecuted;
Χ Ninety-eight percent of the prosecutions resulted in convictions;
Χ Thirty-one percent of those convicted were incarcerated; and
Χ Seventy-two percent of those incarcerated received a sentence for a year or more.
Putting those percentages together, only 15.5 percent (0.51 x 0.98 x 0.31) of the detected
perpetrators were prosecuted, convicted, and incarcerated. Only 11 percent (0.51 x 0.98 x 0.31 x
0.72) were incarcerated for a year or more. If we conservatively estimate that only 25 percent of
frauds are detected, then less than four percent of all fraud perpetrators go to jail.
For perpetrators of computer fraud, the odds are even better that they will pull off the fraud
without even being detected. The FBI estimates that only one percent of all computer frauds are
detected.
A study of actual cases of computer fraud showed that only 12 percent are reported to the law.
Eighteen percent of those reported are convicted and imprisoned.
If these estimates represent what actually exists in the world of business, a computer-fraud
perpetrator only has a one in 4,630 chance [1/(0.01 x 0.12 x 0.18)] of being detected, prosecuted,
convicted, and incarcerated. Those are pretty good odds considering that the average loss to
computer fraud is over $500,000.
The Fraud Triangle

Research shows that three conditions are necessary for fraud to occur:
Χ A situational pressure (a nonsharable financial need);
Χ A perceived opportunity to commit and conceal the dishonest act (viewed as a way to
secretly resolve the nonsharable pressure); and
Χ A flaw in the individual’s personal integrity that allows them to rationalize their
dishonest behavior.
As illustrated below, these three interrelated forces are referred to as the fraud triangle.
26
Pressures
Pressures refer to the non-sharable problems individuals have that motivate them to act
dishonestly. It is a person’s incentive or motivation for committing fraud. Three common types
of pressures that lead to employee fraud are shown in the Employee Pressure triangle
One type of pressure motivating misappropriation of assets, or employee fraud, is financial in

nature. Examples include living beyond one’s means, having heavy financial losses, or high
personal debt. Often, the perpetrator feels such pressures cannot be shared with others and
believes fraud is the only or the best way out of their difficult situation. For example, Raymond
Keller worked his way up from driving a coal truck to owning a grain elevator. He made money
by trading on commodities and built a lavish house overlooking the Des Moines River. His
financial situation declined and Raymond had a severe cash shortage and went deeply into debt.
He asked some farmers to wait for their money, and he gave others bad checks. Finally, the
seven banks to which he owed over $3 million began to call in their loans. So Raymond began
to sell grain that did not belong to him (he stored it for local farmers) to cover his losses. When a
state auditor showed up at his door unexpectedly, Raymond chose to take his life rather than face
the consequences of his fraud.
A second type of employee pressure is related to emotional feelings or problems. Many

employees are motivated by greed. Some employees turn to fraud because they have strong
feelings of resentment or believe they were treated unfairly. They may feel that their pay is too
low, that their contributions to the company are not appreciated sufficiently, or that the company
is taking advantage of them. In one case, an accountant in California, who was passed over for a
raise, increased his salary by 10 percent, the amount of an average raise. When apprehended, he
defended his actions by saying he was only taking what was rightfully his. When asked how he
would have felt if he had increased his salary by 11 percent, he responded that he would have
27
been stealing 1 percent. Other people are motivated by the challenge of “beating the system” or
subverting system controls and breaking into a system. In one case, a company boasted in its
advertisements that its new information system was so secure that outsiders would not be able to
break into it. Within 24 hours of the system’s implementation, a team of individuals had broken
into the system and left a message that the impenetrable system had just been compromised.
A third type of employee pressure is related to a person’s lifestyle. These include the need for
funds to support a gambling habit (or pay off gambling debts) or support an addiction or problem
with drugs or alcohol. Some people commit fraud to keep pace financially with other family
members. For example, one plastic surgeon, making up to $800,000 a year, defrauded his clinic
of over $200,000 so that he could compete with family members who engaged in a game of
financial one-upmanship.
The three types of organizational pressures that motivate management to misrepresent their
financial statements are shown in the Financial Statement Pressure triangle. The most prevalent
financial pressure is a need to meet or exceed earnings expectations to keep the stock price from
falling. Management can also create significant pressure for themselves with unduly aggressive
earnings forecasts that they then feel they have to meet. They can also create unrealistic
performance standards or incentive programs that motivate themselves and others to falsify
financial results to keep their job or to receive stock options and other incentive payments.
Lastly, industry conditions such as new regulatory requirements or significant market saturation
with declining margins can also motivate fraud.
People often believe these pressures are nonsharable and not solvable in a socially sanctioned
manner. These pressures can become so intense that people feel they have to act and decide that
fraud is the only (or the most satisfactory) solution.
Example: One inmate serving time in prison for fraud described his pressure this way: “I’m
as honest as the next fellow, but I was backed up against the wall. I did not have
any other alternative.”
Opportunities
As shown in the opportunity triangle, opportunity is the condition or situation that allows a
person or organization to do three things: commit the fraud, conceal the fraud, and convert the
theft or misappropriation to personal gain.
1. Commit the fraud. The theft of assets such as cash, inventory, tools, supplies, information,
and computer time and services is the most common type of employee fraud. Most fraudulent
financial reporting consists of the overstatement of assets or revenues, the understatement of
liabilities, or the failure to disclose information.
2. Conceal the fraud. When assets are stolen or overstated, the only way to balance the
accounting equation is to inflate other assets or to decrease liabilities or equity. Unless
perpetrators find some way to keep the accounting equation in balance, their theft or financial
statement misrepresentation can be discovered. Concealment often takes more effort and time
28
and leaves behind more evidence than the actual theft or misrepresentation. For example,
taking cash requires only a few seconds, whereas altering records to hide the theft can be
more challenging and time consuming.
A common and effective way to hide a theft is to charge the stolen item to an expense
account. The perpetrator’s exposure is limited to a year or less, because the expense
accounts are zeroed out at the end of the year. On the other hand, perpetrators who hide a
theft by affecting a balance sheet account must continue the concealment. One way to hide a
decrease in assets is a lapping scheme, in which the perpetrator steals the cash or check that
Customer A mails in to pay its accounts receivable. Funds received at a later date from
Customer B are used to pay off customer A’s balance. Funds from Customer C are used to
pay off B, and so forth. Because the theft involves two asset accounts (Cash and Accounts
Receivable) the cover-up must continue indefinitely unless the money is replaced, because
the theft will be uncovered if the scheme is stopped.
In a check kiting scheme, the perpetrator creates cash by taking advantage of the timing lag
between depositing a check and the check clearing the bank. For example, suppose a fraud
perpetrator opens checking accounts in banks A, B, and C. The perpetrator can “create” cash
by depositing a $1,000 check from bank A into bank B and withdrawing the funds. If it takes
two days for his check to clear bank A, he has created $1000 for two days. After 2 days,
since there are insufficient funds in bank A to cover the $1,000 check, the perpetrator
deposits a $1,000 check from bank C to bank A. He has covered the creation of the $1000
for another 2 days. Since bank C also has insufficient funds, $1,000 must be deposited to
bank C before the check to bank A clears. The check to bank C is written from bank B,
which also has insufficient funds. The scheme continues, writing checks and making deposits
as needed to keep the checks from bouncing.
3. Convert the theft or misrepresentation to personal gain. In employee fraud, all fraud
perpetrators go through the conversion phase unless they steal actual cash that can be spent
or use the asset personally. For example, employees who steal inventory and equipment must
sell them or otherwise convert them to cash. When financial statements are falsified, the
perpetrators convert their actions to personal gain through indirect benefits: they keep their
jobs, their stock rises, they receive pay raises and promotions, or they gain more power and
influence.
The list of opportunities that make fraud easy to commit and conceal is almost endless.
Opportunities often stem from internal control factors. For example, a perpetrator may be able to
commit and conceal a fraud because the company did not implement proper controls such as
proper authorization procedures, clear lines of authority, adequate supervision, adequate
documents and records, a system to safeguard assets, or independent checks on performance.
Likewise, there may not be a separation of duties among the authorization, custodial, and record-
keeping functions. Management may allow fraud to occur by not getting involved in designing or
enforcing the system of internal control or through inattention or carelessness. Alternatively, they
may commit the fraud by overriding internal controls or using their position of power to compel
those below them to carry out the fraud. However, the most prevalent opportunity for fraud
results from a company’s failure to enforce its system of internal controls.
29
A control feature many companies lack is a background check on all potential employees. This
would have saved one company from the “phantom controller.” In that case, the company
president stopped by the office one night, saw a light on in the controller’s office, and went to
see why he was working so late. He was surprised to find a complete stranger at work. An
investigation showed the controller was not an accountant and had been fired from three of his
previous five jobs in the last 8 years. Because he was unable to do the accounting work, he had
hired someone to come in at night to do his work for him. Before his scam was discovered, the
controller defrauded the company of several million dollars.
There are other factors that provide an opportunity to commit and conceal fraud such as large,
unusual, or complex transactions; numerous adjusting entries at year-end; questionable
accounting practices; pushing accounting principles to the limit; or related-party transactions.
Other factors include incompetent personnel, inadequate staffing, rapid turnover of key
employees, lengthy tenure in a key job, and lack of training. Other opportunities arise when the
company has unclear policies and procedures, fails to teach and stress corporate honesty, and
fails to prosecute those who perpetrate fraud.
Many frauds arise when employees build mutually beneficial personal relationships with
customers or suppliers. For example, a buyer could agree to purchase goods at an inflated price
in exchange for a kickback from the vendor. Frauds can also occur when a crisis arises and the
company disregards its normal control procedures. For instance, one Fortune 500 company was
hit with three multi-million-dollar frauds in the same year. All three took place when the
company was trying to resolve a series of crises and failed to follow the standard internal control
procedures.
Rationalizations
The third element of the fraud triangle is a rationalization that allows perpetrators to justify
their illegal behavior. Rationalization can take the form of a justification of one’s actions (I only
took what they owed me), an attitude (the rules do not apply to me), or a lack of personal
integrity (having what I want is more important than being honest). In other words, perpetrators
rationalize that they are not actually being dishonest, that honesty is not required of them, or that
their reasons for committing fraud are more compelling than honesty and integrity. Some
perpetrators rationalize that they are not hurting a real person; it is just a faceless and nameless
computer system that is affected or a large, impersonal company that will not miss the money.
For example, one perpetrator took pains to steal no more than $20,000, which was the maximum
that the insurance company would reimburse the company for losses.
The list of rationalizations people use is lengthy. Here are some of the most frequent:
Χ I am only “borrowing” the money (or asset) and will repay my “loan.”
Χ You would understand if you knew how badly I needed it.
Χ What I did was not that serious.
Χ It was for a good cause. (The Robin Hood syndrome, robbing from the rich to give to the
poor.)
30
Χ I occupy a very important position of trust. I am above the rules.

Χ Everyone else is doing it, so it is not that wrong.
Χ No one will ever know.
Χ The company owes it to me, and I am taking no more than is rightfully mine.
Interaction of the Fraud-Triangle Elements

The decision to commit fraud is determined by the interaction of all three forces. Fraud occurs
when people have high pressures, an opportunity to commit and conceal the fraud and convert
the action to personal gain, and the ability to rationalize away their personal integrity. Fraud is
less likely to occur when people have few pressures, little opportunity, and high personal
integrity that makes them less likely to rationalize fraud. Usually all three elements of the fraud
triangle must be present to some degree before a person commits fraud. A useful way to
visualize the interactions is shown below.
Fraud: Interaction of Forces
Note the following about the figure:

• It contains a balance scale with three connecting bars at the top.
• Each bar represents one of the three elements of the fraud triangle.
• Each bar has a weight that can move independently in either direction.
• The sizes of the weights and their locations along the bars determine which side of the
scale is heaviest.
• The balance tips in favor of committing fraud when any combination of the three weights
is sufficient.
31
If individuals have a strong generalized honesty characteristic, they may theoretically withstand
the cumulative weight of the other two variables. However, some will argue that everyone has a
price. It is reported that Abraham Lincoln once angrily kicked a man out of his office. When
asked about his actions, Lincoln stated that he had just turned down a substantial bribe. Then he
stated “Every man has his price, and he was getting close to mine.”
A person with personal integrity and little opportunity or pressure to commit fraud will most
likely behave honestly. However, the conditions for fraud become more enticing as individuals
with less personal integrity are placed in situations with increasing pressures and greater
opportunities to commit the crime.
Individuals placed in difficult circumstances may feel that the only way out is to choose between
their integrity and one or more of the following: their business; their positions in the community;
their reputations; or prestige. When they choose to sacrifice their integrity, fraud is often the
result.
In the life of a perpetrator, the three variables contributing to fraud build until they are
sufficiently strong to result in the occurrence of a fraudulent act.
Example: One young lady from a family that believed strongly in sexual abstinence before
marriage became pregnant out of wedlock. She feared the reaction of her parents,
teachers, and peers and felt she could not share her problem with them. At work she
handled a lot of cash and was trusted completely by the owner of the company. She
realized that it would be easy for her to take $500 and pay for an abortion. She
rationalized her actions by telling herself that she was not stealing; she was just
borrowing the money and would pay it back later. The money was never missed, and
soon she was unable to resist this “easy” access to cash. Subconsciously, she decided
that the things she could buy with the embezzled funds were more important than her
integrity. By the time she was caught she had embezzled almost $90,000.
Fraud can be prevented by eliminating or minimizing one or more of the fraud triangle elements.
While there are things companies can do to reduce or minimize pressures and rationalizations,
their greatest opportunity to prevent fraud lies in reducing or minimizing the opportunity to
commit fraud. This is typically done by implementing a good system of internal controls.
Fraud Prevention Program

When all three fraud-triangle elements are present in the right proportions, many people will
steal. Unfortunately, auditors and company management typically only attack one of the three
elements necessary for fraud: recognizing and limiting the opportunities. They do little to
recognize and control situational pressures and they do little to improve or monitor personal
integrity. Therefore, to effectively prevent fraud we must work to eliminate all three elements in
the fraud triangle.
To effectively prevent fraud, one must understand the fraud triangle. One must comprehend the
pressures that employees and company management face, the opportunities that allow a person to
commit and conceal the fraud, and the thinking patterns that allow a perpetrator to justify the
dishonest act.
32
However, understanding these risk factors is not sufficient. To prevent fraud, you must also
know what you can do to lessen or mitigate each of the three types of risk factors. What you
need is a fraud prevention program.
In the long run, it is much less expensive to have a fraud prevention program than it is to ignore
the problem until a fraud surfaces. If you can prevent a fraud, you:
Χ Minimize losses due to undetected frauds;
Χ Avoid fraud investigation costs;
Χ Do not have to make the tough decision of whether or not to prosecute;
Χ Avoid lawsuits and legal costs; and
Χ You are not distracted from company goals and do not waste time.
One way to develop a fraud prevention program is to follow the risk-assessment strategy shown
below. We will now walk you through the major steps in this strategy. This strategy should be
followed for each risk factor identified.
33
Identify Fraud Risk Factors

A company must identify the potential fraud risk factors they face, such as a poorly designed
system of internal controls, workplace pressures brought on by downsizing, or a hiring process
that does not adequately screen prospective employees.
Statement on Auditing Standards No. 99 identifies three categories of risk factors that relate to
both misstatements arising from misappropriation of assets and misstatements arising from
fraudulent financial reporting. As mentioned earlier, these three categories are: (i)
pressures/incentives; (ii) opportunities; and (iii) attitudes/rationalizations.
The likelihood or probability that a fraud will actually take place is referred to as fraud risk.
Some risk factors pose a greater risk because the probability of their occurrence is more likely.
For example, employees at a steel mill are more likely to steal cash than coils of steel.
The dollar amount that could be lost if a particular risk factor led to a fraud is referred to as
fraud exposure. Fraud exposure can range from very small to very large, depending on the
nature of the fraud and how long it persists.
Fraud risk and exposure must be considered together. The risk of collusion among top
management resulting in materially misleading financial statements may be very small, but the
exposure can be enormous. It could completely destroy a company and force it into bankruptcy.
On the other hand, the risk of a petty-cash fraud may be much greater, but the exposure is quite
small.
As either fraud risk or exposure increases, the materiality of the fraud risk factor and the need to
protect against it also rise.
Identify Fraud Prevention Techniques

One or more techniques to protect the company from each risk factor must be identified. In
evaluating the benefits of specific techniques, management should consider their effectiveness
and timing.
All other factors being equal, prevention techniques are superior to detection techniques. By
the time a detection technique identifies a problem, a certain amount of loss may already have
been sustained, and additional cost may be required to correct the problem. If prevention
techniques fail, however, and a fraud occurs, detection techniques are essential to discover the
fraud and recover from it.
Prevention and detection techniques complement each other, and a good fraud prevention program
should employ both.
No fraud prevention program can ever provide an organization with foolproof protection against
all frauds. The cost of a foolproof system is prohibitively high. Since fraud prevention
techniques can negatively impact operational efficiency, having too many of them slows the
system down and makes it inefficient -- restricting a company’s ability to meet its needs.
Therefore, the objective in designing a fraud prevention program is to provide “reasonable
34
assurance” that a fraud does not take place. This means the benefit of a fraud prevention
technique must exceed its cost.
Prevention-technique costs are easier to measure than their benefits. The primary cost element is
personnel, and it includes time to perform the prevention procedures; costs of hiring additional
employees to achieve effective segregation of duties; and costs of programming techniques into a
computer system.
Prevention-technique benefits stem from reduced fraud losses. One way to calculate fraud-
prevention-technique benefits involves expected fraud loss, the mathematical product of fraud
risk and fraud exposure:
Expected Fraud Loss $ = Fraud Risk % x Fraud Exposure $
The benefit of a prevention technique is the difference between the expected loss with the
prevention technique and the expected loss without it.
Once the benefits and costs of a particular control have been estimated, a determination must be
made whether the control is cost-beneficial. To make this determination, the cost of the
prevention technique is subtracted from the benefit.
In evaluating the costs and benefits of prevention techniques, management must employ good
judgment and consider factors other than those reflected in the simple expected-benefit
calculation. For example, a fraud exposure may be so large that it threatens the organization’s
continued existence. In such cases, management should be willing to implement prevention
techniques having a cost higher than the simple reduction in expected loss. This extra cost can
be viewed as an insurance premium to protect the organization against catastrophic loss.
The Unforgiving Casino Case
Jim sat on his stool in front of the blackjack table as the waitress offered him his fifth drink. As
the dealer drew another blackjack, Jim knew he was finished. He had just gambled away his
children’s college fund. He quickly downed his last drink, numbing himself for the eventual
confrontation with his wife, Tammy. He stumbled to his hotel room, hoping to wake up and
realize that this evening was nothing more than a nightmare.
While driving back to San Jose from Reno Sunday morning, Jim could not face the
embarrassment. His thoughts turned to coming up with a plan to restore the children’s college
fund before Tammy discovered it was missing. He was sure that if he only had an extra $500, he
could have won the money back. How would he get $500? Jim gave this idea considerable
thought. Before he knew it, he was pulling into his driveway. Tammy greeted him with a smile
and asked how the convention was. Without thought, he swiftly replied, “Oh, it was your usual
convention,” never letting on to his lack of attendance.
Still preoccupied with the loss of the college fund and the need for an extra $500, Jim drove his
late-model Buick to work. At 10:00 a.m., an accounts payable clerk came to his office seeking
35
assistance with a problem. The clerk was matching invoices with purchase orders and had found
an invoice for $3,200 that did not match the purchase order. Immediately, Jim knew how he
could get the $500 “loan.” Chips ‘R’ Us was a fast-growing microchip producer whose internal
controls were excellent on paper but were sometimes not followed. Chips ‘R’ Us also had a
policy of paying, without secondary approval, any invoice of $500 or less.
Without much thought, Jim’s plan was in place. He would first set up a dummy company that
would issue an invoice to Chips ‘R’ Us for $500. He knew his winnings would not only replace
the college fund, but would also allow him to repay the company.
Jim could not believe how easy it was to borrow the money. The check showed up in a post
office box he had opened a few days earlier. His next meeting would be in Las Vegas at the end
of the month, but Jim could not wait. He needed to win his children’s money back.
Jim phoned Tammy with the “bad news”: He and the controller would have to fly to Los
Angeles over the weekend to meet with the lawyer over a company matter. Within minutes, he
was in his car driving that familiar road to Reno. It was close to midnight when he arrived. He
wasted no time checking in, then went straight to the craps table. He knew that by 1 a.m. he
would have the college fund back.
By 4 a.m., Jim was not only out of money, but his personal checking account was $600 in the
red. Jim was concerned about this loss, but not as worried as he had been before. He would
simply take out another “loan” from Chips ‘R’ Us.
As Jim went to work Monday morning, he was not his happy-go-lucky self. Feeling guilty about
his unauthorized loan, which was now gone, Jim kept to himself and did not joke with his fellow
employees. On one occasion, Jim stuck his head out of the office door and falsely accused his
secretary of not calling his attention to a memorandum from the controller. This was a rough
time emotionally for Jim; some days he was himself, other days he acted as if he were a
completely different person.
Within six months, Jim had set up two more dummy companies and insisted that accounts
payable clerks not verify any invoice of less than $750, allowing him to meet his ever-increasing
“needs.” No one ever questioned Jim on this new policy because he had worked for the
company for over 10 years and was a “trusted” employee who was respected by those who
worked with him. Soon after the new policy was in place, Jim decided to reward himself for his
“hard work” by buying a new BMW 730i. The office staff was alive with gossip when Jim
drove up in the new car. No one could understand how he could afford such a beautiful
automobile. Jim explained his good fortune to one employee by saying that he was able to put
down a large initial payment with winnings from Reno.
Three years later, Jim had not repaid the “loan” back and was taking more money than ever from
Chips ‘R’ Us. He now had a total of eight dummy companies. He was still convinced that he
would repay the loans, but he had lost track of how much money he had “borrowed.” The
accounts payable personnel had learned to avoid Jim because they never knew what to expect
from him. At times, he seemed to be the nicest guy you would ever meet, but at other times he
36
would be uncaring and even critical of others. It seemed that by his own volition, he had
withdrawn socially from others at work.
37
rationales.
1. In a study conducted by researchers at Brigham Young University comparing the

personality, criminal, and demographic characteristics of incarcerated fraud perpetrators
with those of other incarcerated property offenders, fraud perpetrators:
A. Were more likely to get arrested.

B. Were more likely to be first time offenders.
C. Were more likely to use drugs and alcohol.
D. Had fewer children.
2. In a study of 212 actual cases of fraud, most of the perpetrators were:
A. Under the age of 26.

B. Between the ages of 16 and 35.
C. Between the ages of 36 and 45.
D. Older than 45.
3. Which of the following is the probability of a person going to jail if they commit a fraud?
A. 51.0%.
B. 31.0%.
C. 11.0%.
D. 3.9%.
4. The three interrelated forces of the fraud triangle are:
A. Commit, conceal, and convert.

B. Opportunity, rationalization, and pressure.
C. Attitude, justification, and lack of personal integrity.
D. Financial, lifestyle, and emotional.
5. Living beyond one’s means would be categorized as:
A. A financial pressure.
B. A management characteristic pressure.
C. A lifestyle pressure.
D. An emotional pressure.
38
6. A scheme in which the perpetrator steals the cash or check that Customer A mails in to
pay its accounts receivable and uses the funds received at a later date from Customer B to
pay off customer A’s balance is known as:
A. Skating.
B. Kiting.
C. Lapping.
D. Dodging.
7. True or false: In employee fraud, all fraud perpetrators go through the conversion phase
unless they steal actual cash that can be spent or use the asset personally.
A. True.
B. False.
8. The most prevalent opportunity for fraud results from:
A. A company’s failure to implement proper controls.

B. Management not getting involved in designing or enforcing the system of internal
control or through inattention or carelessness.
C. Management committing the fraud by overriding internal controls or using their
position of power to compel those below them to carry out the fraud.
D. A company’s failure to enforce its system of internal controls.
9. The likelihood or probability that a fraud will actually take place is referred to as:
A. Fraud risk.
B. Fraud exposure.
C. Prevention risk.
D. Detection risk.
10. True or false: All other factors being equal, detection techniques are superior to
prevention techniques.
A. True.
B. False.
11. Expected fraud loss is the product of:
A. Fraud risk and fraud exposure.

B. Prevention risk and fraud exposure.
C. Fraud risk and prevention risk.
D. Detection risk and prevention risk.
12. True or false: The benefit of a prevention technique is calculated by taking the difference
between the expected loss with the prevention technique and the expected loss without it.
39
A. True.
B. False.
40
1. In a study conducted by researchers at Brigham Young University comparing the

personality, criminal, and demographic characteristics of incarcerated fraud perpetrators
with those of other incarcerated property offenders, fraud perpetrators:
A. Were more likely to get arrested. This answer is incorrect because the study
found fraud perpetrators were less likely to get arrested than other incarcerated
property offenders.
B. Were more likely to be first time offenders. This answer is correct because
the study found fraud perpetrators were more likely to be first time
offenders than other incarcerated property offenders.
C. Were more likely to use drugs and alcohol. This answer is incorrect because the
study found fraud perpetrators were less likely to use drugs and alcohol than other
incarcerated property offenders.
D. Had fewer children. This answer is incorrect because the study found fraud
perpetrators had more children than other incarcerated property offenders.
2. In a study of 212 actual cases of fraud, most of the perpetrators were:
A. Under the age of 26. This answer is incorrect because the study found that only
14 percent of fraud perpetrators were under the age of 26.
B. Between the ages of 16 and 35. This answer is correct because the study
found that most fraud perpetrators were between the ages of 16 and 35.
C. Between the ages of 36 and 45. This answer is incorrect because the study found
that 35 percent of fraud perpetrators were between the ages of 36 and 45.
D. Older than 45. This answer is incorrect because the study found that only 13
percent of fraud perpetrators were older than 45.
3. Which of the following is the probability of a person going to jail if they commit a fraud?
A. 51.0%. This answer is incorrect because 51.0% is the percentage of the

perpetrators who were prosecuted.
B. 31.0%. This answer is incorrect because 31.0% is the percentage of convicted
perpetrators who were incarcerated.
C. 11.0%. This answer is incorrect because 11.0% is the percentage perpetrators
who were incarcerated for a year or more.
D. 3.9%. This answer is correct because multiplying all the percentages
together (0.51 x 0.98 x 0.31 x .25) shows that only 3.9% of fraud perpetrators
go to jail.
4. The three interrelated forces of the fraud triangle are:
41
A. Commit, conceal, and convert. This answer is incorrect because commit, conceal,
and convert are the three interrelated forces of the opportunity triangle, not the
fraud triangle.
B. Opportunity, rationalization, and pressure. This answer is correct because
the three interrelated forces of the fraud triangle are opportunity,
rationalization, and pressure.
C. Attitude, justification, and lack of personal integrity. This answer is incorrect
because attitude, justification, and lack of personal integrity are the three
interrelated forces of the rationalization triangle, not the fraud triangle.
D. Financial, lifestyle, and emotional. This answer is incorrect because financial,
lifestyle, and emotional are the three interrelated forces of the employee pressure
triangle, not the fraud triangle.
5. Living beyond one’s means would be categorized as a(n):
A. Financial pressure. This answer is correct because living beyond one’s

means is considered a financial pressure which is one of the three types of
employee pressures; financial, lifestyle, and emotional.
B. Management characteristic pressure. This answer is incorrect because a
management characteristic pressure is an organizational pressure, while living
beyond one’s means is categorized as a financial pressure related to employee
pressure.
C. Lifestyle pressure. This answer is incorrect because a gambling problem would
be considered a lifestyle pressure, while living beyond one’s means is considered
a financial pressure.
D. Emotional pressure. This answer is incorrect because strong feelings of
resentment would be considered an emotional pressure, while living beyond one’s
means is considered a financial pressure.
6. A scheme in which the perpetrator steals the cash or check that Customer A mails in to
pay its accounts receivable and uses the funds received at a later date from Customer B to
pay off customer A’s balance is known as:
A. Skating. This answer is incorrect because skating is not identified as a particular

fraud scheme.
B. Kiting. This answer is incorrect because kiting is a scheme in which the
perpetrator creates cash by taking advantage of the timing lag between depositing
a check and the check clearing the bank.
C. Lapping. This answer is correct because lapping is a scheme in which the
perpetrator steals the cash or check that Customer A mails in to pay its
accounts receivable and uses the funds received at a later date from
Customer B to pay off customer A’s balance.
D. Dodging. This answer is incorrect because dodging is not identified as a
particular fraud scheme.
42
7. True or false: In employee fraud, all fraud perpetrators go through the conversion phase
unless they steal actual cash that can be spent or use the asset personally.
A. True. This answer is correct because in employee fraud, it is true that all
fraud perpetrators go through the conversion phase unless they steal actual
cash that can be spent or use the asset personally.
B. False. This answer is incorrect because in employee fraud all fraud perpetrators
go through the conversion phase unless they steal actual cash that can be spent or
use the asset personally or there would be no incentive to commit the fraud.
8. The most prevalent opportunity for fraud results from:
A. A company’s failure to implement proper controls. This answer is incorrect

because a company’s failure to implement proper controls results in the
opportunity for fraud, but it is not the most prevalent reason.
B. Management not getting involved in designing or enforcing the system of internal
control or through inattention or carelessness. This answer is incorrect because
management’s failure to get involved in designing or enforcing the system of
internal control, creates opportunity, but is not the most prevalent opportunity for
fraud.
C. Management committing the fraud by overriding internal controls or using their
position of power to compel those below them to carry out the fraud. This answer
is incorrect because a company’s failure to enforce its system of internal controls,
not management’s committing the fraud by overriding internal controls or using
their position of power to compel those below them to carry out the fraud, results
in the most prevalent opportunity for fraud.
D. A company’s failure to enforce its system of internal controls. This answer is
correct because a company’s failure to enforce its system of internal controls
results in the most prevalent opportunity for fraud.
9. The likelihood or probability that a fraud will actually take place is referred to as:
A. Fraud risk. This answer is correct because fraud risk is defined as the
likelihood or probability that a fraud will actually take place.
B. Fraud exposure. This answer is incorrect because fraud exposure is defined as the
dollar amount that could be lost if a particular risk factor led to a fraud.
C. Prevention risk. This answer is incorrect because prevention techniques are used
to prevent a fraud from occurring and are not related to a likelihood or probability
that a fraud will actually occur.
D. Detection risk. This answer is incorrect because detection techniques are used to
detect a fraud when one has occurred and are not related to a likelihood or
probability that a fraud will actually occur.
10. True or false: All other factors being equal, detection techniques are superior to
prevention techniques.
43
A. True. This answer is incorrect because, all other factors being equal, it is better to
prevent a fraud from occurring than to detect it after it has occurred.
B. False. This answer is correct because, all other factors being equal, it is
better to prevent a fraud from occurring than to detect it after it has
occurred.
11. Expected fraud loss is the product of:
A. Fraud risk and fraud exposure. This answer is correct because the expected
fraud loss is the mathematical product of fraud risk and fraud exposure.
B. Prevention risk and fraud exposure. This answer is incorrect because the
expected fraud loss is the mathematical product of fraud risk, not prevention risk,
and fraud exposure.
C. Fraud risk and prevention risk. This answer is incorrect because the expected
fraud loss is the mathematical product of fraud risk and fraud exposure, not
prevention risk.
D. Detection risk and prevention risk. This answer is incorrect because the expected
fraud loss is the mathematical product of fraud risk, not detection risk, and fraud
exposure, not prevention risk.
12. True or false: The benefit of a prevention technique is calculated by taking the difference
between the expected loss with the prevention technique and the expected loss without it.
A. True. This answer is correct because the benefit of a prevention technique

can be derived by comparing the calculated expected loss with the prevention
technique and the calculated expected loss without it.
B. False. This answer is incorrect because it is true that the benefit of a prevention
technique can be derived by comparing the calculated expected loss with the
prevention technique and the calculated expected loss without it.
44
Chapter 3: Fraud Prevention: Pressures and Rationalizations
Chapter 3 – Fraud Prevention: Pressures and Rationalizations

Learning Objectives
1. Identify the pressures and rationalizations that can lead to fraud.
2. Design programs to relieve workplace pressures and help prevent the occurrence of fraud.
Employee Financial Pressures

The list of pressures employees face is long. We will discuss some of the most common here
and illustrate them with real cases of fraud. (A more complete list of pressures and risk factors
can be found in SAS No. 99, Consideration of Fraud in a Financial Statement Audit.)
Bad Investments or Heavy Financial Losses

One financial pressure is bad investments or heavy financial losses. An illustration of how
financial losses can create enormous pressures is the following case of an owner of a grain
elevator in Stockport, Iowa.
Example: Raymond Keller was the owner of a local grain storage company. He built a lavish
house overlooking the Des Moines River, complete with a swimming pool, sauna,
and a three-car garage. However, for reasons no one really knows, his financial
situation declined. Some say he lost money speculating on the commodities markets.
Others say it was a grain embargo that virtually halted the buying and selling of grain.
Keller had a severe cash shortage and went deeply in debt. He asked some farmers to
wait for their money and gave others bad checks. Finally, the seven banks to which
he owed over $3 million called their loans. He began the unauthorized sale of the
stored grain and used the proceeds to cover his losses. One day a state auditor
appeared unexpectedly. Rather than face the consequences, Keller took his own life.
Excessive Lifestyle or Living Beyond One’s Means

Many fraud perpetrators seem to be attracted to what may be referred to as a life of conspicuous
consumption. They are extroverted, fun-loving, social individuals who enjoy the feelings that
come from influence, social status, and from spending large sums of money. They are often
imaginative and are more than ready and willing to take large risks to get what they want.
Example: Tony De Angelis, who perpetrated the Salad Oil Swindle, was known for his
chauffeur-driven Cadillac, his large and risky deals, his influential associates, and his
free-spending habits. He often gave cash away to his many admirers.
Example: One man, after founding a student marketing company, changed his lifestyle
dramatically and developed very expensive tastes. He bought a Lear jet and a very
expensive home, threw extravagant parties, and tried to portray himself as an elitist.
Others commit fraud to cover up the free-spending ways of a family member.
Example: One woman began embezzling funds when her husband went on a spending spree
after a marital squabble. She felt compelled to cover the checks he wrote.
45
Inadequate Compensation
Another financial pressure is “inadequate” compensation. The following are some examples of
this type of pressure.
• Some employers expect an employee to maintain a certain lifestyle to foster a certain
image or engage in certain activities to bring in new business, yet these same employers
do not provide an adequate income or expense account to enable the employee to do so.
In such cases, the employee often faces the choice of not meeting company expectations
of finding other funds to achieve the objective.
Example: A partner in a national CPA firm felt he was expected to frequently wine and dine
clients and potential clients. As a result he seriously overextended himself
financially. When an important client offered him a bribe to hide fraudulent financial
reporting, he agreed to look the other way. For a $150,000 payment, he concealed a
$300 million fraud. As a result, a large savings and loan failed, as well as several
other companies.
• Employees do not receive sufficient wages to meet their family’s perceived needs.
Example: Tom was the head shipper at a large manufacturer of gas appliances and related
equipment. He had to support his wife and nine children on a small salary. The
pressures of family expenses finally became so great that he began stealing small
appliances and fixtures from the warehouse. He sold the items and bought all kinds
of things his family needed at home.
• Some people do not feel they are adequately rewarded for their efforts and labors.
Example: Two brothers who ran a software store in Pakistan wrote a computer virus and
inserted it in the software they sold. After the virus damaged the user’s system, it left
a message directing the user to call the brothers for costly corrections. It infected
over 100,000 computers before it was eradicated. When asked about their motives,
the brothers said they were upset that computer users were illegally copying the
store’s legitimate software, so they caused the virus to be activated when an illegal
copy of the software was made.
High Personal Debt

A fourth financial pressure is high personal debt. This may result from:
• The loss of a business or home;
• Divorce;
• High medical bills;
• Extended periods of unemployment or underemployment;
• Impending personal bankruptcy; or
• Bad business decisions or reversals in the economy.
In essence, the perpetrators come to believe that solving the above pressures is more important
than personal integrity. In other words, the perpetrators would prefer to commit a fraud than lose
46
their home or business or go bankrupt. The perpetrators may not consciously make this decision,
but their actions reveal what is most important to them.
Example: The controller of a small bank embezzled $158,000. Prior to working at the bank, he
had worked for one of the then-Big Six firms and had earned a CPA certification. He
was the son of a judge, and had never stolen anything before. When interviewed, he
indicated that he had committed the fraud for two reasons: (i) he had gotten a divorce
and had two households to support; and (ii) his outside business was losing money
and draining his personal funds.
Example: Alex was the 47-year-old treasurer of a credit union. His monthly payments on his
home, cars, five different credit cards, two side investments, and college for two
children exceeded his take-home pay. He felt the only way to make ends meet was to
commit a fraud. He misappropriated assets to help pay his crushing debts and
defrauded the credit union of $160,000 over a seven-year period. He was very well
respected, so his actions came as a great surprise to all who knew him.
Greed
Some people have an overwhelming desire for personal gain. Others have a compelling desire to
“get something for nothing.” Put another way, some people are so greedy they will commit a
fraud to get what they want.
Example: As a youngster, Gene found that baseball cards had value, so he took quarters from
his mother’s purse to buy chewing gum, hoping for cards other boys would want to
buy or trade. The prospect of getting something for nothing intrigued him, and he
began pitching pennies, organizing sports pools, and gambling. He talked neighbors
into letting him turn in magazine entry sweepstakes, agreeing to split the winnings.
He did little in high school, conning many teachers into giving him A’s, and
accepting F’s from the others. After high school, he moved from job to job, looking
for a way to “score big” and set himself up for life. Soon after his second child was
born, a racetrack insider alerted him to a racehorse that was a “sure thing.” Gene bet
all of his savings and the proceeds of a second home mortgage on the horse. It came
in fifth. Gene called his wife from the racetrack, told her how he had defrauded her,
and disappeared. His wife lost her house and car. Her parents refused to help her
(they disapproved of her marriage). She had to take a minimum-wage job and felt
bitter, betrayed, and abused.
Desire to avoid paying taxes

The desire to avoid paying taxes to the government can lead people to do amazing things,
including fraud.
Example: In 1985, Phillip Capella won $2.7 million in the lottery, and began receiving
annual payments of $135,000. In 1989, he filed a federal income tax return claiming $65,000 in
gambling losses and seeking a $26,000 refund. The IRS audited him, and his accountant showed
up at the audit with 200,000 losing lottery tickets. However, the tickets did not belong to
Capella; he had rented them for $500 from a man who collected losing tickets. Capella and the
47
accountant were charged with conspiracy and each faced a possible eight-year jail term and fines
of $500,000.
Pride and Ambition

Pride and ambition also lead some people to commit fraud. Perpetrators motivated by pride and
ambition often feel they are above the rules because they are better than other people and more
deserving. They are often unhappy with ordinary jobs and income. The outward signs of
success can become an obsession that may be manifested in their mode of travel, dress, and
lifestyle. Extending themselves beyond their means is not unusual. This attitude causes the
offenders to decide to get what they want by whatever means necessary. Pride blinds them to
possible consequences.
A Need For Power or Control

For some, a need for power or control may surpass their considerations of right or wrong. If
other avenues to power, position, or prestige are blocked, money, which symbolizes power, may
preoccupy the person who is determined to “be somebody.”
Inability to Tolerate Delay or Frustration

Some perpetrators are unable to tolerate delay or frustration. In such personalities, failure in
legitimate efforts simply stimulates a more earnest search for a shortcut to success. A course that
is slow, plodding, and lacking a guarantee, such as beginning at the bottom and working one’s
way up, is unthinkable. The temptation of easy gain or instant success is more than these people
can resist. They want to resolve their financial problems or “hit the big time” immediately, in
any way they can, with minimal effort and cost, no matter what the impact on the business or
other people.
Insatiable Intellectual Challenge

A common finding, especially with computer criminals, is that they are often motivated by
intellectual challenges. Many computer technicians are insatiably curious and thrive on the
challenge of figuring out how things work. A technician could easily find himself thinking, “I
will figure out how they made this system secure, break that security, and prove my superior
technical capabilities.” For many technicians, this challenge may well be a greater enticement
than the possibility of financial gain. Once tempted by this kind of gamesmanship, computer
criminals can become so involved they lose sight of the moral implications of their actions.
Management Financial Pressures

Pressures can also motivate an individual to commit fraud on behalf of an organization instead of
against it.
Economic Cycles, Inflation, and Recession

The economic cycle and the resulting effects of inflation and recession are a major management
fraud pressure. In recessionary times, executives who fear layoffs or downsizing may resort to
financial gimmicks to boost the bottom line and protect their own jobs as well as their workers’
jobs.
48
Example: In a recent survey, 98 percent of the CEOs at the top 1,000 Canadian companies
stated they felt that economic pressures were the main reason for Canadian companies
reporting fraud-related losses of $39 million.
Impending Business Failures

Another corporate pressure is an impending business failure. Though business failures
significantly increase in recessionary times, there is a significant relationship between impending
business failures and fraud even in the best of times.
When faced with the choice of either losing their businesses and everything they have worked
for over the years or “fudging” (in their eyes) the numbers a little bit in order to keep the
business going, many owners choose the latter course. In the latest recession, business failures
increased 50 percent. The dollar liabilities associated with business failures skyrocketed from
$55 billion to almost $110 billion.
Urgent Need For Earnings

Companies that face pressures for a certain level of earnings (to meet debt requirements, go
public, etc.) are sometimes motivated to fabricate those earnings or turn to sleight-of-hand tactics
if they are not able to generate them honestly.
Example: In 1989, Bonneville Pacific, facing a net loss of $2.5 million, badly needed a deal to
meet investor earnings expectations and to avoid a poor showing during discussions
with underwriters for a debt or equity offering. To meet those earnings expectations,
it recognized a $13.2 million gain on a complex, two-step purchase and sale of assets.
The bankruptcy trustee claimed the transaction was a sham to artificially boost the
value of assets assigned to Bonneville. He said it involved insider dealing, inflated
earnings, and secret funneling of cash through an offshore shell. An auditor with
Bonneville’s then-Big Six CPA firm wrote in a memo that the transaction presented
an unusual audit risk to the CPA firm. The memo also criticized Bonneville officials
for accepting such unusual risk, for offering overly optimistic public projections of
earnings, for using aggressive accounting policies, and for trying to promote the
company and increase stock prices. Notwithstanding the memo, the CPA firm gave
Bonneville a clean opinion.
Unfavorable Economic Conditions

Companies facing unfavorable economic conditions are sometimes motivated to fabricate
earnings or otherwise falsify information. The declining financial condition of entities in an
industry is evidenced by things such as declining stock prices, delisting or suspension of stock,
credit downgrades by rating agencies, and frequent or increasing numbers of business failures.
Example: The Equity Funding Fraud was one of the largest computer-assisted frauds in history.
In 1969, Equity Funding’s stock sold for over $80, but because of difficult times in
the insurance industry the stock fell to $12 by late 1970. Company managers with
vast holdings of the stock were intent on boosting its price. They felt that the only
way to do that was through higher and higher earnings. Unfortunately, new sales
were down for the industry and existing policyholders were not renewing their
49
insurance. To pump up earnings, Equity Funding began reinsuring fictitious policies.

Sales skyrocketed and the reported insurance in force tripled. The industry was
amazed at Equity Funding’s ability to turn its program around and show surprising
gains while everyone else was experiencing a severe decline.
Unrealistic Goals, Financial Targets, or Expectations Set By Management

For companies to grow and progress, it is important for them to have goals and high
expectations. However, when management sets goals or expectations for its employees or
operating units that are unrealistic, they may be motivating them more toward fraudulent
behavior rather than improved performance. In essence, they may be forcing them to choose
between failing through no fault of their own or cheating.
Example: William Nashwinter, a young aggressive salesman with Doughtie’s Foods, was
promoted to be the general manager of an East Coast warehouse that wholesaled
frozen food products to retail outlets. When he did not meet the profit goals
Doughtie’s set for the warehouse, he was severely criticized. After several such
criticisms he decided to do whatever it took to meet what he felt were Doughtie’s
totally unrealistic profit goals. He inflated the monthly inventory balance he sent to
Doughtie’s in order to decrease his cost of goods sold and inflate his gross profit.
Unfortunately, warehouse performance never improved, and his scheme required him
to fabricate ever-larger amounts of inventory to meet his goals. When he finally
confessed his wrongdoing, the investigating CPA firm found that in the last year of
the fraud, net income was inflated by 39 percent. In essence, Nashwinter decided it
was better to be dishonest than to not meet the budget.
There Are a Number of Other Important Company Pressures:

Χ New accounting, statutory, or regulatory requirements -- These could impair the financial
stability or profitability of the entity.
• Possible suspension or termination of licenses or operations.
• A high degree of competition or market saturation, accompanied by declining margins.
• Rapid changes in an industry -- Some examples are:
o Declining customer demand;
o High vulnerability to rapidly changing technology; or
o Rapid product obsolescence.
• Significant additional capital is needed to stay competitive. This takes into consideration
the financial position of the entity, including the need for major research and
development or capital expenditures.
Many Other “Red Flags” Appear Due to Management-Related Pressures

• Assets, liabilities, revenues, or expenses subject to significant estimates involving highly
subjective judgments or uncertainties -- These may also be subject to potential change in
the near term in a manner that may have a financially disruptive effect on the entity,
including those involving:
o Ultimate collectibility of receivables;
o Timing of revenue recognition;
50
o Realizability of financial instruments based on the highly subjective valuation of

collateral or difficult-to-assess repayment sources; and
o Deferral of certain costs, such as software development costs.
• Heavy dependence on new or unproven product lines.
• Unusually rapid growth or profitability -- This is to be noted when compared with that of
other companies in the same industry.
• High vulnerability to changes in interest rates.
• Unusually high dependence on debt -- This takes into account a marginal ability to meet
debt repayment requirements, and debt covenants that are difficult to maintain.
• Unrealistically aggressive sales or profitability incentive programs.
• The threat of potential foreclosure or loss of confidence by customers, suppliers, or
lenders -- This is a concern when poor financial results are reported.
• Adverse consequences on significant pending transactions -- Some examples include a
business combination or contract award, if poor financial results are reported.
• Poor or deteriorating financial position -- This is of special concern when management
has personally guaranteed debts of the entity.
• Heavy losses -- Some reasons for heavy losses include failed investments, past operating
losses, etc.
• Unusual difficulty in collecting customer’s receivables.
• Actual or threatened litigation.
• Severe inventory obsolescence/excessive inventory buildup relative to sales.
• Significant portion of executive compensation represented by bonuses, stock options, or
other incentives -- This is of concern when their value is contingent upon the entity
achieving unduly aggressive targets for operating results or financial positions over
which they have control.
• Management committing to analysts, creditors, and other third parties to achieve
forecasts that appear to be unduly aggressive or unrealistic.
• Significant tax adjustments made by the IRS can also lead to more management-related
pressures.
• Unrealistic performance standards -- These can lead either to desperation and anger,
resulting in dishonesty or “get even” attitudes.
Work-Related Pressures
Pressures can also be work-related. Some of the more frequently encountered work-related
pressures are discussed below.
Severe Resentment
Feelings of anger and resentment have caused some perpetrators to compromise their personal
integrity. Anger and resentment can build until it eventually dominates feelings, and thinking
becomes cloudy. Reason is replaced by a desire to get even or to strike back, caution is thrown
to the wind, and perpetrators take their feelings out on the company by committing a fraud.
Feelings of resentment may arise from various perceptions the employees have about their
workplace. Examples of such perceptions are listed below.
• They are treated unfairly.
51
• They are underpaid and “deserving” of more money.

• They are expected to maintain a lifestyle that they cannot possibly afford because they
are not given the pay or the expense account to do so.
• Their contributions to the company are neither appreciated sufficiently nor recognized.
• Their job is a dead-end road to nowhere and brings them no personal satisfaction. In fact,
their job is the cause of all their problems.
• No matter how hard they try, they can never achieve the unrealistic goals management
has set for them.
• The company is taking advantage of them.
Example: The chief accountant of a large California produce-growing company developed a

computer program to falsify and systematically raise all the company’s monthly
production costs by tiny increments. The extra money was siphoned off into accounts
of dummy customers, then pocketed by the accountant. He was apprehended when
he tried to cash a check to the dummy customer and the bank teller, not recognizing
the dummy company, called the produce company to inquire about the check. When
apprehended, the perpetrator expressed a lot of resentment toward top management
for the way he had been treated at the company. He said, “Nobody at the company
(especially the owners) ever talked to me. They treated me unfairly, talked down to
me, and were rude to me.” He felt very little remorse for the crime.
Example: A long-time employee who had compiled a good record at work was passed over for
a raise he felt he had earned. When the raise did not materialize, he decided to take
matters into his own hands. He calculated that the average raise had been 10 percent,
so he increased his salary by that amount. When he was finally apprehended he
defended his actions as being honest. He could not understand why he had been
arrested; he had not stolen, he had merely taken what was rightfully his. When asked
how he would have felt if he had increased his salary by 11 percent, he responded that
he would have been stealing one percent.
Example: One fraud perpetrator began his career as a staff accountant at a defense contractor.
The president of the company was a workaholic and considered an eight-hour day as
something a part-time employee worked. To make his mark in the company, the man
worked 12 to 14 hours each day. After six years at the company, he finally realized
that his long workdays were now expected of him, and he would never be able to get
out of the rat race. He became bitter about being taken advantage of (he had never
received any overtime) and about the lack of appreciation for his years of dedicated
work. To get back at the company, he colluded with a vendor to overcharge the
company $1.5 million. The $80,000 he received from the vendor was his
appreciation and “payback.”
Threat of Job Loss

Another work-related pressure is to threaten an employee’s job, company position, or prestige.
This may result from external factors such as proposed layoffs, a proposed merger, a proxy
contest for control, or any number of other reasons. It could also result from something the
52
employees have done and motivates them to try to cover up poor performances to make
themselves look better.
Example: One executive at a management training company was placed on probation as a result
of poor evaluations from conference participants. In order to save her job, she
removed the poor evaluations and replaced them with much better evaluations. This
deception went on for some time until a participant complained in person to the
president of the company.
Overaggressive Compensation Plans

Another pressure is having executive compensation tied to financial statistics or specific
transactions over which only management has control. This may motivate a person to overstate
company performance in order to increase compensation.
Low Employee Morale and Loyalty

Fraud is more likely in situations where superiors are not appreciative of their employees, morale
is low, there are substandard working conditions, or where there are significant feelings of ill
will, resentment, anger, or alienation.
Lifestyle Pressures
Another type of pressure is referred to as a lifestyle pressure, such as gambling, a drug or alcohol
problem, or an expensive sexual relationship.
Gambling
Those addicted to gambling will go to great lengths to get the money needed to feed their
addiction. This is perhaps best illustrated by a few examples.
Example: Bernie, a New York lawyer, was a compulsive gambler. To feed his high-betting
habits, he would buy a block of shares in a penny-stock company. He then paid
several brokers to bid up the price so he could unload his shares. On one occasion, he
pulled off dozens of scams and made millions of dollars on each one. Bernie loved to
gamble in Vegas and bet on the horses. On one occasion, he flew to Las Vegas with
$17,000 in racetrack winnings. After several hours, he built his stake up to $110,000.
He put it in a safe-deposit box at the hotel, intent on using it to pay his unpaid
mortgage and other large debts. Unable to sleep with all that gambling going on
below, Bernie got up and went back to the tables. He lost everything and even went
$25,000 in debt to the casino. It was not until Bernie was on his way home that he
realized he was sick and that no matter how much he won, it would never be enough.
Americans legally bet over $500 billion a year. Approximately 13 million people in the U.S. are
addicted to gambling, and it is virtually impossible to tell who they are. There have been other
reports of people hooked on gambling. Consider the following:
• Terry A.: “When I was at the blackjack table, my wife could have been dying from
cancer, and I could not have cared less.”
• Marge W.: “I stole vacation money from the family jar. I spent every waking hour
thinking about getting to the track.”
53
• Thomas J.: “Gambling was the ultimate experience for me -- better than sex, better than
any drug. I had withdrawal tortures just like a heroin junkie.”
• Ronald P.: “I degraded myself in every way possible. I embezzled from my own
company, I conned my six-year-old out of his allowance.”
• Archie K.: “After I woke up from an appendectomy, I sneaked out of the hospital, cashed
a bogus check and headed for my bookie. I was still bleeding from the operation.”
• Irving J.: “I’ll never forget coming home from work at night, looking through the window
at my family waiting for me and then leaving to place a couple more bets. I was crying
the whole time, but I had simply lost all control.”
Drug or Alcohol Addiction

A drug or alcohol addiction is a very powerful motivator, and those hooked on drugs will do
many things they would not otherwise do, including committing a fraud.
• The branch manager of a large bank admitted that he was secretly shooting up in his
office all day and stealing money from his employer to finance the habit.
• Another individual lost his job and was robbing and stealing every day to support his
$500-a-day habit.
• Another addict said, “There was nothing that I would not do to get drugs. Even though I
was a successful businessman, I stole from stores, I broke into homes and stole TVs,
VCRs, jewelry, or anything else that would bring in cash to support my habit.”
Sexual Relationships
A number of people have been motivated to commit a fraud because they needed extra funds to
support one or more intimate relationships.
Example: The former president of United Way, William Aramony, was found guilty of 25
counts of fraud. Mr. Aramony was described by prosecutors as a womanizer who
spent freely and had his staff use creative coding to bill United Way for his and his
girlfriends’ vacations, gambling, and other excesses.
Family or Peer Pressure

Family or peer pressure also leads to fraudulent actions.
Example: Janet was a 19-year-old cashier at a wholesale candy distributor. Her unemployed
boyfriend Alfred began insisting that Janet get some money to help him make his car
payments and pay his bills. She began stealing cash receipts and destroying the
copies of the invoices that recorded the sales. Soon Alfred pressured her for money
for hotel rooms, transportation, meals, and entertainment for their vacations, which
were always first-class. She was discovered when her need for cash got so large that
she began substituting some customer’s checks for money she took from the drawer.
Beating the System

The challenge of “beating the system” is an especially prevalent motivator for computer fraud.
Many of the hackers that do so much damage to systems want to show that they can subvert the
controls and break into a system.
54
Example: In one case, a company advertised a new system as being so secure that outsiders
would not be able to break into it. Within 24 hours of implementing the system, a
team had broken into the system and left a message that the impenetrable system had
just been compromised.
Rationalizations
Most fraud perpetrators have justifications or rationalizations that allow them to justify their
illegal behavior. Because they judge themselves by their intentions and not their actions, many
perpetrators consider themselves honest and upright citizens. That means they had to have:
Χ Some internal mechanism that allows them to rationalize their actions as not actually
being wrong or dishonest; or
Χ A reason or an excuse that made their actions more important than honesty and integrity.
Their rationalization allows them to violate their position of trust and still have that violation be
consistent with their concept of themselves as honest people. As an example of the
rationalization process perpetrators use, consider the following statements by a professional car
thief.
Example:What I do is good for everybody. I create work; I hire men to find customers, paint
and deliver the cars, work on the numbers, prepare the car papers, and drive them out
of the state. That is good for the economy.I am also helping people get what they
could never afford otherwise. A fellow wants a Cadillac but cannot afford it. He buys
my cars and saves as much as $2,000. Now he is happy and so is the guy who lost his
car because he gets a nice new Cadillac from the insurance company. The Cadillac
company is happy because they sell another car. The only ones who do not do well
are the insurance companies. But they are so big that nobody cares personally.
Besides, they have a budget for this sort of thing. Come on now -- who am I really
hurting?
Some of the most frequent rationalizations follow.

• Borrowing -- Perhaps the most frequent rationalization is “I am just borrowing the
money.” Perpetrators do not intend to steal, they just need a little money to tide
themselves over a rough spot. They are not really dishonest because they have every
intention of paying the “loan” back before it is missed. Unfortunately, these individuals
must borrow larger and larger amounts of money in order to meet their needs and are
never able to repay the money.
• Not hurting anyone -- Perpetrators who justify their actions this way claim that it is just a
faceless and nameless computer system that will be affected or a large impersonal
company that will not miss the money. For example, one perpetrator took pains to steal
no more than $20,000, which was the maximum the insurance company would reimburse
the company for losses.
• I needed it badly.
• It is just a little sin.
• It is for a good cause.
• Everyone is doing it.
• No one will ever know.
55
• Business is business.
• Above-the-rules syndrome.
• The company owes it to me.
• Personal advancement -- To be somebody, I must have money. Something (honesty and
reputation) has to give in order for me to be successful.
• Everybody is a little dishonest.
Minimizing and Detecting Situational Pressures

If you want to deter fraud and to maximize your chances of detecting it if it does occur, you must
take positive steps to monitor or control situational pressures. However, this is much easier said
than done. You must walk a fine line.
On the one hand, it is not possible for you to eliminate or minimize an employee’s self-imposed
situational pressures, nor is it possible or even desirable to remove all company-applied
situational pressures from employees. It is also wrong and illegal for companies to invade the
privacy of their employees. On the other hand, you cannot deter and detect fraud unless you are
aware of the situational pressures compelling employees to commit fraud and reduce them
wherever possible. To be aware of both the self-imposed and the company-applied situational
pressures means that you must:
• Pay more attention to employee lifestyles and habits than you have in the past;
• Select individuals with high levels of moral integrity to occupy important positions of
trust; and
• Strive to create an environment that contributes to maintaining high levels of personal
integrity.
This is easy to say and hard to do. Many of the self-imposed situational pressures arise from an
employee’s financial troubles. However, company managers generally do not know the financial
condition of their employees. Even if they knew certain employees were overextended, managers
would probably feel very reluctant to approach them and talk about it. Furthermore, approached
employees might resent the company sticking its nose where they feel it does not belong.
Prevention Techniques
The following paragraphs list some of the most important things that can be done to minimize or
monitor situational pressures in order to deter fraud.
Create a Proper Corporate Climate

Employee fraud, theft, and embezzlement are more prevalent in some organizations than in
others. If management creates a climate of honesty, fraud can be significantly reduced. There are
several ways to do this.
• Maintain positive work conditions where employees are well-rewarded and where their
personal needs are fulfilled.
• Create a climate of openness and trust where employees and managers feel free to
confide in each other. Good informal communication between managers and employees
is critical.
• Have an open-door policy so employees feel that they can talk about their problems.
Many perpetrators have stated that they turned to fraud because they felt they had no one
56
to talk to. If employees feel they can talk freely, managers will understand their
pressures before they become acute.
• Policies with respect to working conditions, compensation, job incentives, and career
advancement can be a powerful force in encouraging efficiency and loyal service.
Establish Employee Assistance Programs

Develop assistance programs that provide employees with the help they need to overcome their
problems. In some cases, these programs can be administered by the company itself. However,
some problems may be so sensitive that they are best handled by an external organization hired
to provide assistance with the confidentiality that employees feel they need. There are legal
means to solving unexpected financial pressures and making employees feel the company cares
about them as individuals. Several types of programs are possible, including the following:
• Financial counseling to those who desire it -- This should include information on issues
such as loan acquisition, budgeting, investing, proper uses of debt, etc.
• Personal counseling for problems such as gambling and family problems.
• Cash advances to employees who have short-term emergencies, and assistance in taking
out loans for those employees with longer-term needs.
• Providing adequate expense accounts to cover company-required expenses.
• Drug-, alcohol-, and other substance-abuse programs.
Regularly Evaluate Employee Performance

Management should regularly evaluate employee performance. They should regularly review
salaries, wages, and benefits with key employees. They should also establish grievance
procedures, give employees an outlet for disagreement, and be receptive of all grievances
submitted.
Take Special Care With Certain Employees

Some employees are more vulnerable to committing fraud because of their position, state of
mind, adverse relationship with the company, perceived pressures, or opportunities to commit a
dishonest act. Special care should be taken for employees who have access to assets that are
susceptible to misappropriation and who: (i) are likely to, or believe they are likely to, be laid
off; (ii) are known to be dissatisfied; (iii) exhibit unexplained unusual changes in behavior;
and/or (iv) are known to have personal financial pressures.
Monitor Employee Situational Pressures

There are several ways to detect the situational pressures that employees face.
• Increase the amount of contact with the client’s personnel and physical operations. This
allows you to observe the work habits, attitudes, lifestyle, and feelings of employees;
evaluate the effectiveness and efficiency of operations; and observe personnel, customers,
and suppliers.
• Investigate unusual employee patterns or lifestyles and follow up on “hunches.”
Example: One large employee fraud was detected when an auditor noticed that an office
manager took everyone in a limo to an expensive restaurant for lunch on her birthday.
An investigation showed her salary would not support that expense and that she was
paying for these and other extravagances with embezzled funds.
57
• Review professional material, such as the Audit Risk Alert. A number of CPA firms
have conducted fraud surveys or have published literature on fraud. In addition, the
Association of Certified Fraud Examiners puts out a periodic newsletter on fraud-related
issues.
Minimize Company Pressures

Many company-applied situational pressures can be minimized by doing one or more of the
following:
• Establish fair and uniform personnel policies so employees are paid commensurate with
their responsibilities and are treated fairly and without bias or favoritism.
• Provide career counseling that assesses employee aspirations and helps them understand
how they can advance to achieve those expectations.
• Develop formal communication systems, such as formal grievance procedures, that allow
employees to express their complaints and dissatisfactions and to get redresses for their
grievances. They should also be receptive of all grievances submitted.
• Regularly evaluate employee performance. They should regularly review salaries, wages,
and benefits with key employees.
• Avoid unrealistically high performance expectations. One way to do this is to have
employees participate in setting their own performance goals.
• Avoid excessive rewards and punishments for an employee’s success or failure. This
includes avoiding the “do it at any cost” attitude that may encourage managers to behave
dishonestly.
• Do everything possible to eliminate or minimize specific corporate situational pressures.
This is certainly not an easy task, since there are so many corporate situational pressures.
However, much can be done to remove unnecessary obstacles such as insufficient
working capital, excess capacity, and obsolete inventory or equipment that blocks
effective performance.
Monitor Corporate Pressures

You must be alert to evidence that indicates a fraud may have been committed. There are a
number of ways to use an understanding of situational pressures to detect fraud. Corporate
pressures can be detected in the following ways.
• Perform extensive analytical reviews and comparisons. For example, compare this year’s
numbers to the numbers from the past five to 10 years to determine unfavorable trends, to
judge the company’s need for future capital, etc. Another approach is to compare client
numbers and ratios to industry averages and investigate anything out of the ordinary.
• Read trade journals pertaining to the client’s industry and keep abreast of economic and
legislative changes affecting the industry.
• Investigate the company using Better Business Bureau records, credit ratings, and other
such information sources.
• Carefully examine client financial data, looking for “red flags” that might indicate fraud.
58
Maximizing Employee Integrity, Minimizing Rationalizations

Personal integrity refers to the personal code of ethical behavior each person adopts. While this
appears to be a straightforward determination of whether the person is honest or dishonest,
moral-development research indicates the issue is more complex.
Some individuals have developed a general trait of honesty that we call “high personal integrity.”
Whether these people are honest depends on the specifics of the situation.
Individuals lacking this trait of honesty may or may not behave correctly, depending on the
situational pressures and opportunities. These people are situationally specific honest.
• Their integrity does not generalize across situations and is not internalized as a personal
value.
• Their behavior is influenced more by the situation:
o The opportunity to be dishonest;
o The probable gain from cheating;
o The likelihood of getting caught;
o The severity of the punishment; and
o The perceived need for more money.
• Usually most individuals believe in honesty, but some can be tempted by convenient
opportunities and intense situational pressures.
Fraud research suggests that a lack of personal integrity is one of the best personality predictors
of fraud perpetrators. People with low personal integrity are usually not concerned with what is
fair and just. Instead, they compromise their standard of honesty and choose what is expedient
or advantageous at the moment, with little regard to future consequences. They consistently
value money or profit above ethics, honesty, morality, and other ideals.
However, as individuals adopt and internalize a high standard of personal integrity, the
probability that they will commit a fraud is reduced. The following prevention techniques will
help minimize rationalizations and maximize employee honesty.
Select Honest Employees

A great deal of fraud can be eliminated by carefully selecting employees of high integrity.
Selecting honest employees can be facilitated in several ways.
• Require that applicants fill out a written application. The company should also solicit
references, obtain credit bureau reports, and investigate the information.
• Ask potential employees in the employment interview if they are honest and trustworthy.
While employees can easily lie, the question signals to the candidate the importance of
honesty to the company.
• Use psychological deterrents, such as informing applicants that security checks are run on
their background and fingerprints are taken and checked against regulatory agency files.
• Use one of several instruments that have been designed to measure the personal integrity
of job applicants. Evidence shows that these instruments can reliably predict personal
integrity.
59
Create a Culture of Honesty

One way companies can prevent fraud is to create an organizational culture that teaches and
stresses honesty. Studies have found that individuals will move toward or away from dishonest
actions according to the cultural standards of management and their co-workers. In other words,
fraud is psychologically harder to commit when:
• Acceptable behavior is clearly defined for employees;
• Management follows the control principles and procedures that have been put into place;
• Management or co-workers are honest; and
• Employees believe that dishonesty normally is punished or prosecuted.
Clearly Label Honest and Dishonest Actions

Acceptable and unacceptable behavior should be defined so that employees are aware of a
company’s ethical position should a problem arise. Many business practices fall into a gray area
between right and wrong. In defining these actions, companies should:
• Set explicit standards of conduct and general principles of behavior. A major cause of
dishonesty comes from rationalizing and redefining the situation. It is natural for the
criterion of expediency to replace the criterion of right versus wrong.
• Prepare clearly stated policies that explicitly describe honest and dishonest behaviors.
These policies should especially cover issues that are uncertain or unclear, such as
conflicts of interest and the acceptance of gifts. For example, most purchasing agents
would agree that accepting a $5,000 bribe from a supplier is dishonest, but a weekend
vacation at a hunting cabin is not as clear-cut.
Example: Many professionals see nothing wrong with utilizing corporate computer resources
for personal use. Likewise, gaining unauthorized access to another company’s
databases and browsing through them is not an uncommon practice. One
programmer, when arrested for unauthorized browsing, was shocked to find out that
he was going to be prosecuted for his “crime.” He felt his activities were a common
industry practice.
• Make sure all employees know and understand company rules and standards.
• Adopt an explicit code of conduct that tells employees exactly what is acceptable and
what is not. Require employees to read, sign, and follow it.
Defining appropriate behavior would remove any uncertainty regarding the legality or
appropriateness of questionable practices such as borrowing company material; padding expense
accounts; accepting favors from suppliers; and using company computers, copiers, or telephones
for personal purposes.
Teach and Reward Honesty

There are several ways in which companies can teach and reward honesty.
• Unequivocally endorse the importance of honesty as a basic principle guiding the conduct
of the company.
• Personally and actively advocate, teach, and practice honesty. Companies should not
assume that everyone accepts honesty. For example, top management should make it
clear that honest reports are more important than favorable reports.
60
• Consistently reward and encourage honesty and give verbal labels to honest and
dishonest behavior. If companies simply punish or reward honesty without giving it a
label or explaining the principle, or if the standard of honesty is inconsistent, employees
will most likely be inconsistent in their moral behavior.
Investigate and Prosecute Dishonesty

Prosecuted embezzlers have the lowest rate of recidivism of any criminals, while nonprosecuted
ones have the highest rate. Unfortunately, many organizations dismiss most dishonest
employees rather than prosecute them.
In doing so, they inadvertently send a message to their other employees that dishonesty does not
carry any serious consequences at the company other than termination. As a result, fraud is
psychologically easier to commit when employees believe perpetrators will not be prosecuted.
And termination, where the reasons for termination are not disclosed, in today’s mobile society
can actually help a perpetrator build what others may consider an attractive resume.
All dishonest acts should be thoroughly investigated, and all who are found guilty should be
dismissed. It may not be financially expedient to prosecute everyone caught for dishonesty, but if
no one is ever prosecuted or if people think no one is ever prosecuted, the probability of fraud
will increase. Enough dishonest employees must be prosecuted to create the belief that fraud
perpetrators will be caught and punished.
Example: When one company changed its attitude from “we want to approve when someone is
prosecuted” to “we want to know when someone who commits a fraud is not
prosecuted,” fraud decreased substantially.
The consequences of violating the rules and the punishment of fraud perpetrators should not be
kept secret.
Develop Proper Dismissal Practices

Companies should be very careful when firing employees. Dismissed employees should be
removed from sensitive jobs immediately and denied access to important data and computer
systems to prevent sabotage or copying of confidential data.
Properly Manage Disgruntled Employees

Some employees commit fraud seeking revenge or “justice” for some wrong they perceive has
been done to them. Hence companies should have procedures for identifying these individuals
and either helping them resolve their feelings or removing them from jobs that allow them access
to the system.
One way to avoid disgruntled employees and to maintain high company morale is to provide
grievance channels and employee counseling. Employees need someone outside the normal
chain of command to talk to about their grievances and problems with the company. Having
someone who will listen to them and help them resolve their problems can significantly decrease
the number of dissatisfied employees. This is often not easy to accomplish since most
employees fear that airing their feelings could have negative consequences for their careers.
61
Properly Train Employees

Fraud is much less likely to occur in an environment where employees believe security is
everyone’s business. An ideal corporate culture for fraud deterrence exists when employees are
proud of their company and are protective of its assets. They believe they have a responsibility to
report fraud because what harms the company harms them. This culture does not just happen; it
has to be created, taught, and practiced. To develop this type of culture, a company should
educate and train employees in the following areas:
• Security measures -- Employees should be well-schooled in security measures, taught why
they are important, and be motivated to take them very seriously. Security should be
monitored and enforced as a way of reinforcing this training.
• Fraud awareness -- Employees should be made aware of fraud, its prevalence, and its
dangers. They should be taught why people commit fraud and how to deter and detect it.
• Ethical considerations -- The company should promote its ethical standards in its practices
and through company literature, such as employee handouts.
• Punishment for unethical behavior -- Employees should be informed of the
consequences of unethical behavior (reprimands, dismissal, prosecution, etc.). This
information should be disseminated not as a threat but as the consequence of choosing to act
unethically.
As simple as it sounds, educating employees in security issues, fraud awareness, ethical

considerations, and the consequences of choosing to act unethically can make a tremendous
difference. This education can be accomplished by:
• Conducting informal discussions and formal meetings;
• Issuing periodic departmental memos;
• Distributing written guidelines and codes of professional ethics;
• Circulating reports of securities violations and their consequences; and
• Promoting security and fraud training programs.
Case Study: Portrait of a White-Collar Criminal

There is an old saying in crime-fighting circles: Crime does not pay. However, for David Miller
crime has paid rich dividends. It paid for two Mercedes-Benz sedans, a $280,000 suburban
house, a condominium in Myrtle Beach, S.C., $500 suits, and $75 tailored, monogrammed shirts.
It also paid for diamond, sapphire, ruby, and emerald rings for his wife and a new car for his
father-in-law.
Though he has confessed to embezzling funds from six different employers over a 20-year
period, he has never been prosecuted and has never been incarcerated. In large part, Miller’s
freedom is the result of the fear that companies have about turning in employees who defraud
them.
Miller’s first employer was also his first victim. In 1965, after 10 months of selling insurance in
Wheeling, W. Va., he was fired for stealing about $200. After an assortment of odd jobs, he
moved to Ohio and worked as an accountant for a local baker. Miller was caught embezzling
funds and paid back the $1,000 he had stolen. He was not reported to the authorities in either
instance and was quietly dismissed.
62
Miller returned to Wheeling and went to work for Wheeling Bronze, Inc., a bronze-castings
maker. In December 1971, the president of Wheeling Bronze discovered that several returned
checks were missing and that there was a $30,000 cash shortfall. After an extensive search,
workers uncovered a number of canceled checks with forged signatures in an outdoor sandpile.
Miller was questioned and confessed to the scheme. He was given the choice of paying back the
stolen amount or going to jail. His parents took out a mortgage on their home to pay back the
stolen money. No charges were ever filed, and Miller was dismissed.
Several months later, Miller found a job in Pennsylvania working for Robinson Pipe Cleaning.
When Miller was caught embezzling funds, he again avoided prosecution by promising to repay
the $20,000 he had stolen.
In 1974, Crest Industries hired Miller as an accountant. He proved to be the ideal employee and
was quickly promoted to the position of office manager. He was very dedicated, worked long
hours, and did outstanding work. Soon after his promotion he purchased a new home, a new car,
and a new wardrobe.
In 1976, Miller’s world unraveled again when Crest’s auditors discovered that $31,000 was
missing. Once again there was a tearful confession and a promise to repay all money stolen.
Miller confessed that he had written several checks to himself and had then recorded payments to
vendors on the carbon copies of the checks. To cover his tracks, he intercepted and altered the
company’s monthly bank statements. He had used the money he had stolen to finance his
lifestyle and to repay Wheeling Bronze and Robinson Pipe Cleaning. He claimed in his
confession that he had never before embezzled funds.
He showed a great deal of remorse, so much so that Crest even hired a lawyer for him. He gave
Crest a lien on his house, and he was quietly dismissed. Because the president of Crest did not
want the publicity to harm Miller’s wife and three children, Crest never pressed charges against
him.
Next, Miller took a job as an accountant in Steubenville, Ohio, with Rustcraft Broadcasting
Company, a chain of radio and TV stations. Rustcraft was acquired in 1979 by Associated
Communications, and Miller moved to Pittsburgh to become Associated’s new controller. He
immediately began dipping into Associated’s accounts. Over a six-year period he embezzled
approximately $1.36 million, $445,000 of that in 1984 when he was promoted to CFO.
Miller used various methods to embezzle the money. One approach to circumvent the need for
two signatures on every check was to ask another executive who was leaving on vacation to sign
several checks “just in case” the company needed additional cash while he was gone. Miller
used most of these checks to siphon funds off to his personal account. To cover the theft, he
retrieved the canceled check from the bank reconciliation and destroyed it. The amount stolen
was then charged to an expense account of one of the units to balance the company’s books.
While working at Associated, Miller was able to lead a very comfortable lifestyle. He bought a
new house and several expensive cars. He bought vacation property and a very expensive
63
wardrobe, and he was very generous with tips and gifts. The lifestyle could not have been
supported by his $130,000 salary, yet no one at Associated ever questioned the source of his
conspicuous consumption.
Miller’s lifestyle came crashing down in December 1984 while he was on vacation. A bank
officer called to inquire about a check written to Mr. Miller. An investigation ensued, and Miller
confessed to embezzling funds. As part of the 1985 out-of-court settlement with Miller,
Associated Communications received most of Miller’s personal property.
After leaving Associated, Miller was hired by a former colleague at Associated. He underwent
therapy and believed he had his problem with compulsive embezzlement resolved. He could not
explain why he was never prosecuted. Whenever he got caught, he always insisted that he was
going to pay the company back. Such statements would usually satisfy his employers and get
him off the hook. However, he believed that these agreements actually contributed to his
subsequent thefts. For example, one rationale for starting to steal from a new employer was to
pay back the former one.
When interviewed about his past activities, Miller said that he felt his problem with theft was an
illness, just like alcoholism or compulsive gambling. The illness was driven by a subconscious
need to be admired and liked by others. He thought that by spending money, others would like
him. Ironically, he was universally well-liked and admired at each job, and it had nothing to do
with money. In fact, one colleague at Associated was so surprised at the news of the thefts that
he said it was like finding out one’s brother was an ax murderer. In the interview, Miller also
claimed that he was not a bad person. He said he never intended to hurt anyone, but once he got
started, he just could not stop.
64
rationales.
1. Which of the following pressures would result from high medical bills?
A. Bad investments or heavy financial losses.

B. Excessive lifestyle or living beyond ones means.
C. Inadequate compensation.
D. High personal debt.
2. In a recent survey, which pressure did 98 percent of the CEOs at the top 1,000 Canadian
companies state as the main reason for Canadian companies reporting fraud-related losses
of $39 million?
A. Economic cycles, inflation, and recession.

B. Impending business failures.
C. Urgent need for earnings.
D. Unfavorable economic conditions.
3. Which of the following pressures is evidenced by things such as declining stock prices,
delisting or suspension of stock, credit downgrades by rating agencies, and frequent or
increasing numbers of business failures?
A. Economic cycles, inflation, and recession.

B. Impending business failures.
C. Urgent need for earnings.
D. Unfavorable economic conditions.
4. Which of the following is one of the many red flags that appear due to management-
related pressures?
A. New accounting, statutory, or regulatory requirements.

B. Heavy dependence on new or unproven product lines.
C. Insatiable intellectual challenge.
D. Threat of job loss.
5. Which of the following work related pressures results when superiors are not appreciative
of their employees, there are substandard working conditions, or where there are
significant feelings of ill will, resentment, anger, or alienation?
A. Severe resentment.
65
B. Threat of job loss.

C. Overaggressive compensation plans.
D. Low employee morale and loyalty.
6. Which of the following is considered a common lifestyle pressure?
A. Severe resentment.
B. Threat of job loss.
C. Drug or alcohol addiction.
D. Rapid change in an industry.
7. True or false: Very few fraud perpetrators have justifications or rationalizations that
allow them to justify their illegal behavior.
A. True.
B. False.
8. An example of developing assistance programs is:
A. Instituting policies with respect to working conditions, compensation, job

incentives, and career advancement.
B. Providing financial counseling to those who desire it.
C. Regularly reviewing salaries, wages, and benefits with key employees.
D. Increasing the amount of contact with the client’s personnel.
9. Developing formal communication systems, such as formal grievance procedures, that

allow employees to express their complaints and dissatisfactions and to get redresses for
their grievances is an effective way to:
A. Monitor corporate pressures.

B. Minimize rationalizations.
C. Monitor employee situational pressures.
D. Minimize company pressures.
10. True or false: Dismissing dishonest employees rather than prosecuting them
inadvertently sends a message to other employees that dishonesty does not carry any
serious consequences at the company other than termination.
A. True.
B. False.
66
1. Which of the following pressures would result from high medical bills?
A. Bad investments or heavy financial losses. This answer is incorrect because

employee financial pressure from bad investments or heavy financial losses would
not result from high medical bills.
B. Excessive lifestyle or living beyond ones means. This answer is incorrect because
employee financial pressure from excessive lifestyle or living beyond ones means
would not result from high medical bills.
C. Inadequate compensation. This answer is incorrect because employee financial
pressure from inadequate compensation would not result from high medical bills.
D. High personal debt. This answer is correct because employee financial
pressure from high personal debt could result from high medical bills.
2. In a recent survey, which pressure did 98 percent of the CEOs at the top 1,000 Canadian
companies state as the main reason for Canadian companies reporting fraud-related losses
of $39 million?
A. Economic cycles, inflation, and recession. This answer is correct because the
survey showed that the CEOs felt that economic cycles, inflation, and
recession was the main reason for companies reporting fraud-related losses.
B. Impending business failures. This answer is incorrect because the survey did not
show that the CEOs felt that impending business failures was the main reason for
companies reporting fraud-related losses.
C. Urgent need for earnings. This answer is incorrect because the survey did not
show that the CEOs felt that an urgent need for earnings was the main reason for
companies reporting fraud-related losses.
D. Unfavorable economic conditions. This answer is incorrect because the survey
did not show that the CEOs felt that unfavorable economic conditions were the
main reason for companies reporting fraud-related losses.
3. Which of the following pressures is evidenced by things such as declining stock prices,
delisting or suspension of stock, credit downgrades by rating agencies, and frequent or
increasing numbers of business failures?
A. Economic cycles, inflation, and recession. This answer is incorrect because the
economic cycle and the resulting effects of inflation and recession are a major
management fraud pressure but includes both favorable as well as favorable
economic conditions.
B. Impending business failures. This answer is incorrect because although business
failures significantly increase in recessionary times, there is a significant
67
relationship between impending business failures and fraud even in the best of
times.
C. Urgent need for earnings. This answer is incorrect because although companies
that face pressures to meet certain earnings levels are sometimes motivated to
fabricate those earnings, it is not evidenced by declining stock prices, delisting or
suspension of stock, credit downgrades by rating agencies, and frequent or
increasing numbers of business failures evidence unfavorable economic
conditions.
D. Unfavorable economic conditions. This answer is correct because declining
stock prices, delisting or suspension of stock, credit downgrades by rating
agencies, and frequent or increasing numbers of business failures evidence
unfavorable economic conditions.
4. Which of the following is one of the many red flags that appear due to management-
related pressures?
A. New accounting, statutory, or regulatory requirements. This answer is incorrect

because new accounting, statutory, or regulatory requirements is a company
pressure, not a management-related pressure.
B. Heavy dependence on new or unproven product lines. This answer is correct
because heavy dependence on new or unproven product lines is one of the
many red flags that appear due to management-related pressures.
C. Insatiable intellectual challenge. This answer is incorrect because the insatiable
desire for intellectual challenge is an employee pressure, not a management-
related pressure.
D. Threat of job loss. This answer is incorrect because the threat of job loss is a
work-related pressure, not a management-related pressure.
5. Which of the following work related pressures results when superiors are not appreciative
of their employees, there are substandard working conditions, or where there are
significant feelings of ill will, resentment, anger, or alienation?
A. Severe resentment. This answer is incorrect because severe resentment typically

results when employees have various perceptions about their workplace such as
being treated unfairly or they are underpaid and deserving of more money.
B. Threat of job loss. This answer is incorrect because a threat of job loss would
result from external factors such as proposed layoffs, a proposed merger, a proxy
contest for control, or any number of other reasons.
C. Overaggressive compensation plans. This answer is incorrect because over
aggressive compensation plans would result when executive compensation is
closely linked with financial statistics or specific transactions over which only
management has control and may motivate management to overstate company
performance.
D. Low employee morale and loyalty. This answer is correct because low
employee morale and loyalty may result when superiors are not appreciative
68
of their employees, there are substandard working conditions, or where there

are significant feelings of ill will, resentment, anger, or alienation.
6. Which of the following is considered a common lifestyle pressure?
A. Severe resentment. This answer is incorrect because severe resentment is

considered a work-related pressure, not a lifestyle pressure.
B. Threat of job loss. This answer is incorrect because threat of job loss is
considered a work-related pressure, not a lifestyle pressure.
C. Drug or alcohol addiction. This answer is correct because drug or alcohol
addiction is a common lifestyle pressure.
D. Rapid changes in an industry. This answer is incorrect because rapid change in an
industry is considered a management-related pressure, not a lifestyle pressure
(See page 36).
7. True or false: Very few fraud perpetrators have justifications or rationalizations that
allow them to justify their illegal behavior.
A. True. This answer is incorrect because most fraud perpetrators have justifications
or rationalizations that allow them to justify their illegal behavior.
B. False. This answer is correct because most fraud perpetrators have
justifications or rationalizations that allow them to justify their illegal
behavior.
8. An example of developing assistance programs is:
A. Instituting policies with respect to working conditions, compensation, job

incentives, and career advancement. This answer is incorrect because instituting
policies with respect to working conditions, compensation, job incentives, and
career development is an example of creating a proper corporate client.
B. Providing financial counseling to those who desire it. This answer is correct
because establishing financial counseling to those who desire it is an example
of developing assistance programs that provide employees with the help they
need to overcome their problems.
C. Regularly reviewing salaries, wages, and benefits with key employees. This
answer is incorrect because regularly reviewing salaries, wages, and benefits with
key employees is an example of regularly evaluating employee performance.
D. Increasing the amount of contact with the client’s personnel. This answer is
incorrect because increasing the amount of contact with the client’s personnel is
an example of monitoring employee situational pressures.
9. Developing formal communication systems, such as formal grievance procedures, that

allow employees to express their complaints and dissatisfactions and to get redresses for
their grievances is an effective way to:
69
A. Monitor corporate pressures. This answer is incorrect because performing

extensive analytical reviews and comparisons would be an effective way to
monitor corporate pressures.
B. Minimize rationalizations. This answer is incorrect because avoiding dishonest
employees would be an effective way to minimize rationalizations.
C. Monitor employee situational pressures. This answer is incorrect because
increasing the amount of contact with the client’s personnel and physical
operations would be an effective way to monitor employee situational pressures.
D. Minimize company pressures. This answer is correct because developing
formal communication systems that allow employees to express their
complaints and dissatisfactions and to get redresses for their grievances is an
effective way to minimize company pressures.
10. True or false: Dismissing dishonest employees rather than prosecuting them
inadvertently sends a message to other employees that dishonesty does not carry any
serious consequences at the company other than termination.
A. True. This answer is correct because dismissing dishonest employees rather

than prosecuting them inadvertently sends a message to other employees that
dishonesty does not carry any serious consequences at the company other
than termination.
B. False. This answer is incorrect because it is true that dismissing dishonest
employees rather than prosecuting them inadvertently sends a message to other
employees that dishonesty does not carry any serious consequences at the
company other than termination.
70
Chapter 4: Fraud Prevention: Opportunities
Chapter 4 – Fraud Prevention: Opportunities

Learning Objectives
1. Discuss the opportunities that lead to the occurrence of fraud and the fraud prevention
techniques specific to each of those kinds of opportunities.
An opportunity is the condition or situation that allows a person to commit and conceal a
dishonest act. Like situational pressures, opportunities do not in and of themselves cause fraud.
Individuals can choose to behave honestly; many people successfully resist temptations to
commit fraud in spite of the opportunity. However, the probability of fraud increases as the
opportunities become more abundant and more convenient. This section of the chapter discusses
some of the more important risk factors that make fraud more likely to occur. It also illustrates
many of these risk factors with real-life examples. Finally, one or more fraud prevention
techniques are presented for each risk factor. Implementing these prevention techniques will
significantly reduce the risk of a fraud occurring.
It should be noted that one of the most important prevention techniques is performing extensive
auditing procedures; however, specific auditing procedures for each risk factor are not discussed
in the course materials.
Opportunities that Allow Fraud
Internal Control -- Risk Factors and Prevention Techniques
Risk Factors
These factors are among the most crucial:
• Inadequate internal control;
• Non-enforcement of internal control; and
• Inadequate monitoring of significant controls.
The most significant opportunity risk factor in most frauds is not enforcing existing internal
controls. Other major factors are the absence of adequate internal controls and overriding
existing internal controls.
Example: The Perini Corporation did not adequately control company checks, even though they
were repeatedly encouraged to do so by their outside auditors. As a result they lost
$1,150,000.
Perini did not control access to blank checks; it stored unused checks in an unlocked
storeroom that every clerk and secretary had access to. Checks were written using a
check-writing machine that automatically signed the president’s name. The machine
dumped signed checks into a box that was supposed to be locked, and the key was
supposed to be controlled by an employee from a different department. However, no
such employee was assigned, and the box was not kept locked, nor did anyone pay
attention to the machine’s counter, which kept track of the number of checks written,
so that the number of checks could be compared with the number of vouchers
71
authorized for payment. These and other inadequacies in control made the theft quite
easy to commit.
• Develop strong internal control -- The best way to deter fraud is to design, implement, and
enforce sufficient controls to make fraud difficult to perpetrate. The internal control should
include controls for authorizations, clear lines of authority, independent checks on
performance, appropriate documents and records, and physical safeguards. Likewise, there
should be a separation of duties between the authorization, custodial, and record-keeping
functions. The lack of these controls is itself a risk factor.
Internal control should contain:
o Preventive controls to deter fraud;
o Detective controls to discover fraud soon after it occurs; and
o Corrective controls to remedy the problems caused by the fraud.
The overall responsibility for secure and adequate internal control lies with top
management. Management must also establish procedures to ensure that the controls are
complied with and enforced.
• Controls are much more effective when placed in a system as it is built, rather than as an
afterthought. There should be controls to ensure enforcement of internal control and
controls to ensure that internal control is not overridden.
• Management should be involved in the design and monitoring of controls.
Risk Factor: Insufficient Separation of Duties

Good internal control demands an adequate separation of duties. No single employee should be
given too much responsibility. An employee should not be in a position to both perpetrate and
conceal fraud. To achieve effective segregation of duties, the following functions must be
separated:
• Authorization -- Top management empowers certain employees to authorize transactions
and make decisions. Authorizations are documented by signing, initialing, or entering a code
on the transaction document or record. Employees who subsequently process the transaction
should verify the presence of the appropriate authorization(s).
• Recording -- This involves preparing source documents; maintaining journals, ledgers, or
other files; preparing reconciliations; and preparing performance reports.
• Custody -- This may be direct, as in the case of handling cash or maintaining an inventory
storeroom, or indirect, as in the case of receiving customer checks via mail or writing checks
on the organization’s bank account.
If two of these three functions are the responsibility of a single person, problems may arise.
Example 1: The former city treasurer of Fairfax, Va., was convicted of embezzling $600,000
from the city treasury. Her scheme worked as follows:
When residents used cash to pay their taxes, she would keep the currency. She
recorded tax collections on her property tax records but did not report them to the city
72
controller. Eventually, an adjusting journal entry was made to bring her records into
agreement with those of the controller. When cash was received to pay for business
license fees or court fees, it would be recorded on a cash register and deposited at the
end of each day. She stole portions of this currency but made up discrepancies in the
bank deposit by substituting miscellaneous checks received in the mail that would not
be missed when they went unrecorded. In this example, one person was responsible
both for the custody of cash receipts and for the recording of those receipts. As a
result, the city treasurer was able to divert cash receipts and falsify the accounts to
conceal the diversion.
Example 2: The utilities director of Newport Beach, Calif., was charged with embezzling $1.2
million. He forged invoices or easement documents (for example, for the rights to put
a water line through a person’s land) authorizing payments to a real or fictitious city
property owner. Finance-department officials gave him the checks to deliver to the
property owners. He would then forge signatures, endorse the checks to himself, and
deposit them in his own accounts. The control weakness in this case was that the
utility director was given physical custody of checks relating to transactions that he
had also authorized. This enabled him to authorize fictitious transactions and divert
the city’s payments.
Example 3: The former payroll director of the Los Angeles Dodgers pleaded guilty to
embezzling $330,000 from the team. He would credit employees for hours not
worked and then receive a kickback of around 50 percent of their extra compensation.
He also added fictitious names to the Dodgers payroll and cashed their paychecks.
Since the perpetrator was responsible for both authorizing the hiring of new
employees and for recording employee hours worked, he did not need to prepare or
handle the actual paychecks. The club treasurer would simply mail the checks to an
address specified by the payroll director. The fraud was discovered when the payroll
director became ill, and another employee took over his duties.
• Design and enforce internal control that incorporates adequate separation of duties.
• Design clear and proper authorizations procedures.
• Use the computer to help segregate duties -- In modern information systems, the
computer can often be programmed to perform one or more of the above-mentioned
functions’ in essence replacing the employees. For example, computer systems are now
capable of recording a digital signature (or fingerprint), which signs a document with a
piece of data that cannot be forged. The principle of separating duties remains the same;
the only difference is that the computer performs the function rather than a human.
Example: Many gas stations are now equipped with pumps that allow customers to insert a
credit card to pay for their gas. In such cases, the custody of the “cash” and the
recording function are both performed by the computer. These machines not only
improve internal controls, they actually improve the process of serving the customer
by increasing convenience and eliminating lines to pay for the gas.
73
Safeguarding Assets -- Risk Factors and Prevention Techniques
Risk Factor: Inadequate Safeguarding of Assets

If there are inadequate safeguards over assets, there is a good probability that some of them will
“sprout wings and fly away.” When people think about safeguarding assets they most often
think of cash, checks, and physical assets, such as inventory and equipment. However, in today’s
world, one of a company’s most important assets is its information. Accordingly, steps must be
taken to safeguard both information and physical assets.
Example 1: Jerry Schneider noticed a trash can full of papers on his way home from a Los
Angeles-area high school. Rummaging through them, he discovered they contained
parts manuals and operating guides for Pacific Telephone and Telegraph’s computers.
Over time, his scavenging activities resulted in an impressive technical library. He
used the library to penetrate Pacific Telephone’s computer system, order equipment
for himself, and instruct the computer to not send him a bill for the goods ordered.
He sold the equipment to other companies and even sold some stolen equipment back
to Pacific Telephone. He was able to steal $1 million worth of electronic equipment
before a disgruntled employee turned him into the police.
After serving 40 days in jail, Schneider established a profitable business as a

computer security consultant. In essence, he told companies how to protect
themselves from people like him.
Example 2: A janitor in Inglewood, Calif., was charged with stealing 34 blank checks while
cleaning the city Finance Office. He forged the names of city officials on the checks,
and cashed them in amounts ranging from $50,000 to $470,000.
Prevention Technique
Design and implement adequate safeguards over physical assets. The following procedures are
used to safeguard assets from such threats as theft, unauthorized use, and vandalism:
• Restrict access to physical locations, such as computer rooms and inventory storage.
• Restrict physical access to assets, thereby limiting the chances of loss. For example, cash
registers, safes, lockboxes, and safety-deposit boxes should be used to limit access to
cash, securities, blank checks, and other paper assets.
• Restrict access to computer files and information by using passwords and security codes.
• Protect records and documents. Access to vital records and documents can be restricted
by locking them in desks or file cabinets. Access to blank checks and documents should
be limited to authorized personnel.
• Discarded paper documents should be shredded.
• Employees should be informed of the consequences of using illegal copies of software,
and the company should institute controls to see that illegal copies are not in use.
• Closed-circuit televisions can be used to monitor areas where sensitive data or easily
stolen assets are handled.
Processing of Transactions -- Risk Factors and Prevention Techniques
74
Risk Factor: No Independent Checks on Performance
Not having independent checks on performance is a major risk factor.
Design and implement independent checks. Internal checks that evaluate the performance of
each transaction processing function are an important control. They should be “independent”
because they are more effective if performed by someone other than the person responsible for
the original operation. These independent checks include:
• Reconciliation of independently maintained records -- For example, checking accounts
should be reconciled to bank statements and subsidiary ledgers should be agreed to their
general-ledger control account balances.
• Comparison of actual quantities to recorded amounts -- For example, funds in a cash-
register drawer should be reconciled at the end of each shift with the cash-register tape.
• Batch totals -- When records are grouped for processing, batch totals are created. The
same control totals are generated by the computer during each subsequent processing
step. Discrepancies between the totals indicate that an error occurred during the previous
processing stage.
• Independent review -- Segregation of duties often results in two or more persons
processing a transaction. In such cases, the second person should review the work of the
first, performing such tasks as checking for proper authorization, reviewing supporting
documents, and checking the accuracy of critical data items.
Risk Factor: Inadequate Record Keeping

Maintaining inadequate documents and records also poses significant risk.
• Require accurate records be kept and checked carefully for irregularities.
• Require properly designed documents that are used appropriately. The proper design and
use of documents and records helps prevent fraud. Documents should:
o Be as simple as possible to minimize recording errors and facilitate efficient
record keeping, review, and verification;
o Contain a space for authorizations or the receiving person’s signature if they are
used to initiate a transaction or transfer assets to someone else; and
o Be sequentially pre-numbered so each can be accounted for. This reduces the
likelihood of fraudulent use by dishonest employees.
Record keeping should be well coordinated to facilitate tracing individual transactions through
the system. A good audit trail facilitates the prevention of fraud, the correction of errors, and
verification of system output.
Supervision -- Risk Factors and Prevention Techniques
Risk Factor: Inadequate Supervision

Fraud is more likely to occur when management fails to set up appropriate management-
oversight functions such as adequate supervision and monitoring of remote locations.
75
Develop and implement controls for ensuring effective supervision of employees. Effective
supervision involves training and assisting employees, monitoring employee performance,
correcting errors that occur, and safeguarding assets by overseeing employees who have access
to them.
Organizational Structure -- Risk Factors and Prevention Techniques
Risk Factor: Complex Business Structure

An unnecessarily complex organizational structure is another factor that makes committing a
fraud easier. Examples include having a multitude of subsidiaries and divisions and several
different auditing firms, legal counsels, and banks. Unnecessary complexity makes it easier for
inappropriate items to be lost in the shuffle or intentionally buried under a blizzard of paperwork.
Many companies legitimately need many subsidiaries and divisions; the key is why there are so
many. The danger appears when the purpose of the complex structure is to not allow any one
party access to all the pieces or parts of any particular transaction. For example, when a
company uses different auditors for its various subsidiaries, none of them are able to see the
complete picture or trace transactions between subsidiaries from beginning to end.
Example: According to its bankruptcy trustee, the Bonneville Pacific Corporation’s collapse
was the most costly in the scandal-ridden alternative energy industry. The trustee
claims that the company grossly inflated its revenues, earnings, and assets. It also
failed to report contingent liabilities and related-party transactions. The result was
financial statements full of material misrepresentations and omissions. Losses were
estimated to be half a billion dollars.
The trustee further alleged that it is one of the most complex accounting frauds on record.
Apparently, Bonneville conducted business with a tangled web of subsidiaries and
partnerships. It conducted a series of baffling complex transactions to produce paper
profits and persuade people to invest money in Bonneville projects. Some of the
transactions were so complicated executives had to diagram them with a grease pencil
and drawing board at staff meetings. During one three-year period, Bonneville used
more than 300,000 cash and wire transactions to shift more that $1 billion between
itself and its subsidiaries and partnerships.
Companies should adopt a clear and appropriate organizational structure. Companies should
avoid unnecessarily complex organizational structures and auditors should be very skeptical of
them. Companies should:
• Have clear lines of authority and responsibility;
• Assign responsibility for specific tasks to departments and individuals; and
• Have a framework that facilitates planning, directing, and controlling its operations.
Accounting Practices -- Risk Factors and Prevention Techniques
76
Risk Factor: Inadequate or Questionable Accounting Practices

Several accounting practices make fraud easier to commit and therefore increase the probability
of its occurring. These include:
• Liberal accounting practices, such as recognizing revenue before its collectibility is
assured or delaying the recognition of expenses as long as possible;
• Inadequately disclosing questionable or unusual accounting practices;
• Poor accounting records;
• Ineffective accounting staff;
• An inadequately staffed and overworked accounting department; and
• Pushing accounting principles to the limit.
Example 1: A company with an understaffed accounting department fell three months behind
in its record keeping. An employee took advantage of the confusion to write himself
checks worth $450,000. He cashed the checks, left the country, and could never be
extradited.
Example 2: One real estate company that was going public purchased and resold several
nursing homes. The company recognized $2 million in current and deferred profits,
even though it only paid a $30,000 down payment when it bought the properties and
only received $25,000 in cash when it sold them. The transaction boosted sales from
$6.7 million to $22 million and converted its net income from a large loss to a gain.
A well-designed accounting system facilitates and promotes proper accounting practices.
The accounting system consists of the methods and records used to identify all valid transactions,
record them on a timely basis and at the proper monetary value, properly classify them, and
present them properly in the financial statements.
Companies should be constantly aware of the convenient opportunities that exist for people in
positions of trust to commit fraud. To keep the accounting system under control, companies
should require more frequent and thorough accountability from persons in positions of trust
through budgeting and performance reports. They should also create the expectation that all
financial decisions will be checked for accuracy and appropriateness.
The system should include, as appropriate, budgets, quotas, standard costs, and quality standards;
performance reports that compare actual performance with planned performance; and procedures
for investigating and correcting significant variances or unexpected results.
Risk Factor: Authority Figures Who Cannot Be Questioned

Dominant and unchallenged management poses a significant fraud risk.
• Ensure that no one person or small group has unchallenged power. No person or group
should have so much power that their decisions and actions cannot be challenged and
examined. Such people are usually in a position to impose their views on others,
77
including auditors and other outside, independent parties. Executives need to have the
authority to act decisively and deviate from normal procedures when the circumstances
warrant it, but they should still be questioned and required to explain their actions.
• Require periodic changes that eliminate domination.
• Set up compensating controls. An example would be effective oversight by the board of
directors or an audit committee.
Risk Factor: Management’s Disregard for Guidelines, Controls, or Regulatory Authorities

When management fails to follow company controls and guidelines, it sets a bad example for
employees. Employees tend to see the company as having two sets of rules, one for them and
another for management. When management lives by a different set of rules, employees focus
more on what management does than what it says.
• In the employee’s mind “What you do speaks so loudly I cannot hear what you say.” As
a result, it is easier for employees to rationalize their behavior by saying, “But
management does it.”
Example 1: At Equity Funding, many employees, including nonmanagement personnel,

realized that top management was perpetrating a fraud by misstating the financial
statements. They were not detected or punished, so lower-level employees started
embezzling too. Officers of one subsidiary were embezzling funds by claiming
fraudulent personal travel and business expenses and by charging a wide variety of
personal expenses to the company on a regular basis.
Example 2: In another case, employees who realized management was overstating revenues
began billing the company for hours they did not work.
A critical aspect of an organization’s control environment is a management philosophy and
operating style emphasizing honesty and adherence to controls. The more responsible
management’s philosophy and operating style, the more likely it is that employees will behave
responsibly in working to achieve the organization’s objectives.
If management shows little concern for internal control and ethical behavior, employees are not
likely to be as diligent or as effective in achieving specific control objectives. Management’s
philosophy and operating style can be assessed by answering questions such as:
• Does management take undue business risks to achieve its objectives, or does it assess
potential risks and rewards prior to acting?
• Does management attempt to manipulate performance measures such as net income so its
performance is seen in a more favorable light?
• Does management pressure employees to achieve results regardless of the methods
required, or do they demand ethical behavior? In other words, do they believe the ends
justify the means?
Management should display and communicate an appropriate attitude regarding the internal-
control and financial-reporting processes.
78
Risk Factor: Employees with a Criminal or Questionable Background

One control feature that is often lacking is a background check on all potential employees. To
illustrate their importance, consider the case of a large company that decided to check carefully
the backgrounds of all potential employees. They screened 6,398 employees and rejected 851
(13.3 percent) of them. This is in line with industry estimates that 10 to 15 percent of screened
employees will be rejected. Most are rejected due to previous unsatisfactory employment,
providing false information (education, employment, military, etc.), and a past criminal record.
The importance of thorough employee-background checks is underscored by the following case:
Example 1: Philip Crosby Associates (PCA), a consulting and training firm, undertook an
exhaustive search to select a financial director. The person hired was John C. Nelson,
an MBA and CPA with a glowing reference from his former employer. In reality,
however, both the CPA license and the reference were phony. John C. Nelson was
really Robert W. Liszewski, who had recently served an 18-month jail sentence for
embezzling $400,000 from a bank in Indiana. By the time PCA discovered this,
Liszewski had embezzled $960,000 using wire transfers to a dummy corporation
supported by forged signatures on contracts and authorization documents.
Great care should also be taken when an entity or its senior management has a known history of
securities-law violations or claims against them alleging fraud or securities-law violations.
People who have committed prior offenses are more likely to become repeat offenders.
Example 2: In the Salad-Oil Swindle, Tony De Angelis converted an old petroleum-tank farm
into salad-oil storage tanks and hired American Express Warehousing to
independently operate the warehouse. He placed 22 handpicked men at the
warehouse and they were able to fool American Express inspectors. They filled the
tanks with seawater and then placed a thin layer of oil on the top. The tanks were
connected by pipes, and the men piped oil back and forth between the tanks.
These and other tricks allowed De Angelis to claim 937 million pounds of oil when
only 100 million pounds actually existed. He claimed to own and store more oil than
existed in the whole country.
De Angelis used the warehouse receipts issued by American Express to borrow

money. When the fraud scheme collapsed, it also caused 20 banks to collapse, and
lenders were defrauded out of over $200 million. It is important to note that De
Angelis had a long history of fraud and deception.
Auditing firms should be aware that when they accept a new client the probability of fraudulent
activity is much greater than with an existing client. When investigating potential clients, both
the principals and the company itself should be examined.
Example 3: One of the then-Big Six CPA firms was approached by a cattle operation. In
investigating the background of the president, they found that he had previously been
involved in a fraud. They declined the engagement. Another of the then-Big Six
79
firms accepted the engagement and within a few years they were involved in a
multimillion-dollar lawsuit because the company had perpetrated a fraud.
Conduct background checks. Check potential employees, audit clients, and major vendors. One
way to do that is to use an investigative agency. Investigative agencies can check out:
• Underworld or questionable connections;
• Financial history to determine credit history, heavy indebtedness, previous bankruptcies,
and whether the principals are living beyond their means;
• Employment history, including the number of years with the company, previous
employers, reputation among associates, and reasons for terminating previous affiliations;
• Undesirable conduct, such as gambling, drug abuse, etc.;
• Past criminal background;
• Personal reputation and educational background; and
• Conflicts of interest that may not allow the principals to act objectively.
Risk Factor: Related-Party Transactions

A related party is anyone the company deals with that can influence company management or
operations. Related-party transactions include corporate officers dealing among themselves,
with family members, with affiliated companies or with companies they control, or with shell
companies. Related-party transactions are inherently more risky than other transactions because
they are not at “arm’s length.” There is, therefore, a greater potential for fraud.
Example: ESM, a brokerage company dealing in government securities, used a multilayered

organizational structure to hide a $300 million fraud. Company officers funneled
cash to themselves and hid it by reporting a fictitious receivable from a related
company in their financial statements.
Minimize related-party transactions. It is important to carefully control and scrutinize any
necessary related-party transactions.
Risk Factor: Mutually Beneficial Personal Relationships with Customers or Suppliers

These relationships are business transactions that are no longer arm’s length.
Purchasing agents and salespeople who develop close associations with vendors and customers
are often able to commit a fraud. This is especially true where large amounts of money are at
stake. For example, vendors can easily afford to provide a purchasing agent with a kickback in
order to win a multimillion-dollar contract. A purchasing agent who is struggling to make ends
meet can easily be tempted by these kickbacks.
Procurement frauds are especially difficult to detect since the perpetrator does not have to alter
the company’s books to cover up the fraud.
Example 1: A purchasing agent responsible for acquiring janitorial supplies for a medium-
sized city was approached by a paper supplier with a deal. If he would allow them to
80
supply the municipality with lower-quality paper at the current price, they would give
him a kickback of half the excess profits.
After this had been going on for a few months, the paper supplier began raising the
prices and billing the municipality for five times what they shipped. They also
reduced the purchasing agent’s share of the kickback. When he complained, they
said: “What are you going to do? Tell your bosses that you have been accepting a
kickback?”
They were right; he was trapped. There was nothing he could do short of confessing
his part in the fraud.
Example 2: In the $300 million ESM fraud case, the partner in charge of the audit accepted
under-the-table payments from his client to not disclose the fraudulent financial
statements. The CPA had been the partner on the job for over eight years.
• Control association with outsiders -- Frequent associations with suppliers, buyers, and
other business agents cannot be eliminated. However, businesses can require that accurate
records be kept of all transactions and check these records carefully for irregularities, such
as purchases made without the benefit of competitive bids. Any companies found to be
violating company policies relating to gratuities should be dropped as a supplier.
• Require explicit conflict-of-interest statements -- Companies should develop a manual that
outlines the company’s policies and procedures regarding the business associations of
purchasers, buyers, sales representatives, and others.
• Periodically communicate to vendors and customers the company’s policies regarding
gifts and gratuities -- When company policies are clearly communicated to customers and
vendors, they are able to determine whether a company’s purchasing agents and salespeople
are acting in accordance with company rules. Many frauds have been uncovered after such
letters were sent.
Example: After a fast-food restaurant discovered a kickback fraud, they sent letters to all their
suppliers explaining that it was against company policy for purchasing agents to
accept gratuities of any kind from vendors. As a result of the letter, two suppliers
stepped in and disclosed two additional frauds perpetrated by purchasing agents.
Risk Factor: Operating In a Crisis or Rush Mode

During times of crisis, abnormal pressure, or rush jobs there are additional opportunities to
commit fraud.
For example, when a special project is being hurried for completion, the normal controls are
often pushed aside, which results in the following:
• Signatures are obtained authorizing uncertain purchases;
• Reimbursements are made rapidly and with little documentation;
• Record keeping falls behind and cannot be reconstructed;
• Materials come and go rapidly and can easily be misplaced; and
81
• Ultimately, no one is entirely sure who is doing what.
Example: One Fortune 500 company was hit with three multimillion-dollar frauds in the same
year. All three took place when the company was trying to resolve a series of crises
and neglected to follow the standard control activities.
Continue to enforce internal control at all times.
General or Administrative
Risk Factor: Lack of an Effective Internal-Auditing Staff

The fear of someone checking your work and looking for things that are wrong is a powerful
motivator not to commit a fraud. When that fear is gone, potential perpetrators are more likely to
believe they can commit and conceal a fraud.
Maintain a competent and effective internal-audit department. A competent and effective
internal-audit staff that is conducting audits, independently testing and checking transactions,
and investigating irregularities is a significant deterrent to fraud. Even though most fraud is not
detected by internal auditors (they only catch about 20 percent of all frauds), they are more likely
to detect it than most other internal employees.
To perform their duties effectively and objectively, the internal-audit function must be
organizationally independent of accounting and operating functions. For example, the head of
internal auditing should report to the audit committee of the board of directors, the chief financial
officer, or the president, rather than to the controller.
Risk Factor: No Internal Security System

Knowing that there is no internal security system can entice a would-be perpetrator to follow
through with a fraudulent activity.
Design and implement a good internal security system. A good internal security system should
be developed that focuses on:
• Traffic patterns in and out of the company;
• Procedures governing the storage and flow of materials;
• Internal and external lock-up procedures;
• Efficient and effective guard force; and
• Protection of sensitive information within the corporation.
Risk Factor: Assets Highly Susceptible to Misappropriation

Assets such as cash and small, valuable items are vulnerable to theft and abuse.
Certain company assets are especially susceptible to misappropriation; take special care with them.
82
Since employees with situational pressures are more likely to misappropriate them, special care
should be taken with the following assets:
• Cash, especially where large amounts are on hand or processed;
• Inventory that is small and easy to move and that has a high value or is in high demand;
• Assets that are easily convertible to cash, such as bearer bonds, diamonds, or computer
chips; and
• Fixed assets that are small, marketable, or lack ownership identification.
Risk Factor: Unclear Policies and Procedures

When policies and procedures are clearly spelled out, they act as a deterrent to potential
perpetrators.
Publish a policies and procedures manual containing specific conflict-of-interest statements. A
written policy and procedures manual is an important tool for assigning authority and responsibility
in many organizations. The manual should spell out management policy with respect to handling
specific transactions. In addition, it should document the systems and procedures employed to
process those transactions. It should include a detailed listing of the organization’s chart of
accounts, along with sample copies of forms and documents.
Risk Factor: Placing Too Much Trust in Employees

Opportunities arise when too much trust is placed in key employees who are not subject to the
normal checks and balances that are so important to safeguarding company assets. Victimized
employers are often heard saying, “I cannot believe that person would commit a fraud. That
person was one of my most trusted employees.”
Example: At Ribeye Corporation, the payroll clerk never missed handling the payroll. Because
he was trusted, no one had the responsibility of reviewing his work.
Every two weeks the clerk forwarded payroll data for each employee to an outside
organization to prepare the checks. When the checks were returned, he ran them
through a check-signing machine and forwarded them to the restaurants for
distribution. However, the clerk created extra employees and added them to the
regular payroll data. It was easy for him to sign the checks using the machine,
endorse them, and deposit them into an account he controlled. Periodically, he would
terminate the fictitious employees and replace them with others at different
restaurants so that his exposure at any one restaurant was limited.
The clerk defrauded Ribeye out of almost $300,000. Many fellow employees found it
hard to believe that he was guilty of the fraud.
In today’s environment of downsizing and re-engineering, more responsibility and trust is being
placed in employees. As a result, they are more likely to operate in isolated or specialized
contexts that separate them from other individuals, thus making independent checks and
supervision difficult.
83
• Persons in positions of trust should be subject to more frequent and thorough
accountability.
• Do not phase out checks and balances needed for proper controls.
Risk Factor: No Policy of Mandatory Vacations during Which Someone Else Performs
Duties
Many fraud schemes, such as lapping and kiting,1 require the ongoing attention of the
perpetrator. Therefore, employees should be required to take an annual vacation, during which
time their job functions are performed by others. If mandatory vacations were coupled with a
temporary rotation of duties, these types of ongoing fraud schemes would fall apart.
Example 1: When federal investigators raided an illegal gambling establishment, they found
that Roswell Steffen, who earned $11,000 dollars a year, was betting up to $30,000 a
day at the racetrack. Investigators at Union Dime Savings Bank discovered he had
embezzled and gambled away $1.5 million dollars of their money over a three-year
period.
Steffen, a compulsive gambler, started out by borrowing $5,000 to place a bet on a

“sure thing” that did not pan out. He embezzled ever-increasing amounts trying to
win back the original money he had “borrowed.” He committed his fraud by
transferring money from inactive accounts to his own account. If the owner of an
inactive account complained, Steffen, who was the chief teller and had the power to
resolve these types of problems, replaced the money by taking it from some other
inactive account.
After he was caught, he was asked how the fraud could have been prevented. He said
the bank could have coupled a two-week vacation period with several weeks of
rotation to another job function. That would have made his embezzlement, which
required his physical presence at the bank and his constant attention, almost
impossible to cover up.
When perpetrators take time off they run a great risk of getting caught.
Example 2: One perpetrator went on vacation and left his secretary very detailed instructions
about what transactions to enter for processing and when to enter them. She followed
the instructions to the letter, but the person processing the transactions made an error
and called the perpetrator for help in correcting the mistake. Since the perpetrator
was unavailable, and the secretary knew nothing about the transactions, the person
had to investigate the transaction to make the needed correction. The investigation
brought the fraud to light.
1
Lapping means that cash receipts are not recorded right away but are shifted between different accounts. This is done to
cover up a cash shortage. Kiting refers to writing a check against an account at one bank (which usually does not have
sufficient funds to cover it) and depositing or cashing the check through a different account at another bank to take
advantage of the time lapse before the check clears.
84
• Set and enforce a policy that requires all employees to take an annual vacation.
• Have someone else perform the duties of the person on vacation. The ability to commit
and conceal a fraud is thwarted when another person is required to perform the perpetrator’s
job when they are on vacation. People who are not required to take a vacation are
sometimes caught when they become sick or are not able to be present at work.
Example: A $250,000 management fraud was uncovered when the vice president
suddenly died of a heart attack. The other executive involved in the fraud
was unable to juggle all of the paperwork needed to conceal the fraud.
Risk Factor: Lengthy Tenure in a Key Job

Long-term employees who hold key positions may start to think of themselves as “above the
law.”
Example: Frank Coccia, the top civilian official at a Defense Department procurement agency,
was responsible for purchasing $1.3 billion of military clothing each year. He had
been in charge of buying the same products for over 10 years and had won numerous
awards for outstanding service. Unfortunately, he began taking kickbacks from
companies that wanted to do business with the government. When he was arrested,
federal investigators seized over $400,000 in cash, money orders, gold coins, and
securities he had received as payoffs.
Rotate key employees periodically or transfer them to different functions. When employees are
rotated it often leads to actions that bring misconduct to light.
Example: When Grant Thornton’s audit-rotation policy required Richard Knight, the managing
partner of its Pittsburgh office, to be replaced as the audit partner of Chambers
Development Co., Knight left the firm to go with the client. The SEC claimed that, as
the audit partner, Knight knew of Chamber’s improper capitalization methods that led
to a $362 million restatement of earnings and class-action lawsuits. The SEC also
alleged that at Chambers, Knight “... became a leading actor in the company’s
misconduct by directing the preparation of financial statements reflecting increasingly
inflated financial results.” Knight neither denied nor confessed to the charges.
Risk Factor: Lack of Support for Company Values

There should be an effective means of communicating and supporting company values or ethics.
Develop a code of ethics. This should communicate corporate values and motivate employees to
live by it. Of particular importance is a formal company code of conduct addressing such matters
as standards of ethical behavior, acceptable business practices, regulatory requirements, and
conflicts of interest.
85
Risk Factor: No Audit Trails

Knowing that there are no audit trails can further entice a potential perpetration.
Design and implement an accounting system with adequate audit trails.
Risk Factor: Managerial Carelessness or Inattention to Technical Details
Train managers to adequately supervise subordinates and to pay attention to technical details.
Risk Factor: No Effective Oversight By Board of Directors

If there is no supervision by an independent party, such as a board of directors, potential
perpetrators might have added confidence that they can execute their schemes without ever
getting caught.
Organize an audit committee consisting of independent board of directors’ members as
appropriate. They should be given charge of providing adequate management oversight.
Risk Factor: Inadequate Training

Inadequate training of staff poses a significant fraud risk.
Develop and implement a training program that provides employees with needed skills. This
should include fraud prevention and detection skills.
Risk Factor: Inaction

Management’s failure to correct known reportable conditions on a timely basis also makes an
organization appear “fraud-friendly.”
Design, implement, and enforce controls to ensure management’s correction of known reportable
conditions on a timely basis.
Exhibit 4-1 summarizes these risk factors and lists prevention techniques to make fraud less
likely.
Exhibit 4-1
Risk factor Prevention technique

Inadequate internal control 1. Develop strong internal control.
2. Develop controls to ensure enforcement of internal
Nonenforcement of internal control control.
3. Develop controls to ensure internal control is not
Inadequate monitoring of significant overridden.
controls 4. Ensure adequate involvement by management in the
86
design and monitoring of controls.

Insufficient separation of duties 1. Design and enforce internal control that incorporates
an adequate separation of duties.
2. Design clear and proper authorizations procedures.
3. Use the computer to help segregate duties.
Inadequate safeguarding of assets Design and implement adequate safeguards over physical
assets.
No independent checks on Design and implement independent checks.
performance
Inadequate documents and records 1. Require that accurate records be kept and check them
carefully for irregularities.
2. Require properly designed documents and use them
appropriately.
Inadequate supervision Develop and implement controls for ensuring that employees
are effectively supervised.
Unnecessarily complex organizational Adopt a clear and appropriate organizational structure.
structure
Inadequate or questionable accounting Design an accounting system that facilitates and promotes
practices proper accounting practices.
Dominant and unchallenged 1. Ensure that no one person or small group has so much
management power that their decisions and actions cannot be
challenged and examined.
2. Require periodic changes that eliminate the degree of
domination required to commit and conceal a fraud.
3. Set up compensating controls such as effective
oversight by the board of directors or an audit
committee.
Management disregard for guidelines, Develop a management philosophy and operating style that
controls, and regulatory authorities emphasize honesty and adherence to controls.
Employees with a criminal or Conduct background checks on potential employees, audit
questionable background clients, and major vendors. One way to do that is to use an
investigative agency.
Related-party transactions Minimize related-party transactions and carefully control and
scrutinize those that are necessary.
Mutually beneficial personal 1. Control association with outsiders.
relationships with customers or 2. Develop explicit conflict-of-interest statements.
suppliers, such that business 3. Periodically communicate to vendors and customers
transactions are no longer arm’s length company policies regarding gifts or gratuities.
Operating in a crisis or rush mode Continue to enforce internal control, even during times of
company crisis.
Lack of an effective internal-auditing Maintain a competent and effective internal-audit department.
staff
No internal security system Design and implement a good internal security system.
Assets highly susceptible to Take special care with susceptible assets.
misappropriation
87
Unclear policies and procedures Develop a policies and procedures manual containing specific
conflict-of-interest statements.
Placing too much trust in employees 1. Require more frequent and thorough accountability
from persons in positions of trust.
2. Do not reengineer out the checks and balances needed
for proper controls.
No policy of annual vacations during 1. Set and enforce a policy that requires all employees
which someone else performs duties to take an annual vacation.
2. Have someone else perform the duties of the person
on vacation.
Lengthy tenure in a key job Rotate key employees periodically or transfer them to
different functions to make fraud less convenient.
No effective means of communicating Develop a code of ethics that communicates corporate values
and supporting company values or and motivates employees to live by it.
ethics, such as a code of conduct.
No audit trails Design and implement an accounting system with adequate
audit trails.
Managerial carelessness or inattention Train managers to adequately supervise their subordinates
to technical details and to pay attention to technical details.
No effective oversight by board of Organize an audit committee consisting of independent board
directors of directors’ members as appropriate and give them charge of
providing adequate management oversight.
Inadequate training Develop and implement a training program that provides
employees with the skills they need, including fraud
prevention and detection skills.
Management’s failure to correct known Design, implement, and enforce controls to ensure that
reportable conditions on a timely basis management corrects known reportable conditions on a
timely basis.
88
rationales.
1. For which of the following risk factors would the use of a computer to perform the
custody and recording of cash be a proper prevention technique?
A. Insufficient separation of duties.

B. Inadequate safeguarding of assets.
C. No independent checks on performance.
D. Inadequate record keeping.
2. Restricting access to computer files and information by using passwords and security
codes would be a proper prevention technique for:
A. Insufficient separation of duties.

3. A proper prevention technique for the risk factor related to no independent checks on
performance would be:
A. The use of a computer to perform the custody and recording of cash.

B. Restricting access to computer files and information by using passwords and
security codes.
C. A reconciliation of independently maintained records.
D. Requiring accurate records be kept and checked for irregularities.
4. For which of the following risk factors would requiring that accurate records be kept and
checked for irregularities be a proper prevention technique?
A. Inadequate supervision.
5. Training and assisting employees, monitoring employee performance, and overseeing

employees would be a proper prevention technique for:
A. Inadequate supervision.
B. Lack of a security system.
89

D. Managerial carelessness or attention to detail.
6. True or false: Dominant and unchallenged management reduces an organization’s level

of fraud risk.
A. True.
B. False.
7. For which of the following risk factors would developing a code of ethics be a proper
prevention technique?
A. Lack of a security system.

B. Unclear policies and procedures.
C. Lack of support for company values.
D. Managerial carelessness or attention to detail.
8. True or false: Management’s failure to correct known reportable conditions on a timely

basis also makes an organization appear “fraud-friendly.”
A. True.
B. False.
90
1. For which of the following risk factors would the use of a computer to perform the
custody and recording of cash be a proper prevention technique?
A. Insufficient separation of duties. This answer is correct because the use of a

computer to perform the custody and recording of cash would be a proper
prevention technique for the risk factor related to insufficient separation of
duties.
B. Inadequate safeguarding of assets. This answer is incorrect because restricting
access to computer files and information by using passwords and security codes
would be a proper prevention technique for the risk factor related to inadequate
safeguarding of assets.
C. No independent checks on performance. This answer is incorrect because
reconciliation of independently maintained records would be a proper prevention
technique for the risk factor related to no independent checks on performance.
D. Inadequate record keeping. This answer is incorrect because requiring accurate
records be kept and checked for irregularities would be a proper prevention
technique for the risk factor related to inadequate record keeping.
2. Restricting access to computer files and information by using passwords and security
codes would be a proper prevention technique for:
A. Insufficient separation of duties. This answer is incorrect because the use of a

computer to perform the custody and recording of cash would be a proper
prevention technique for the risk factor related to insufficient separation of duties.
B. Inadequate safeguarding of assets. This answer is correct because restricting
access to computer files and information by using passwords and security
codes would be a proper prevention technique for the risk factor related to
inadequate safeguarding of assets.
D. Inadequate record keeping. This answer is incorrect because requiring accurate
records be kept and checked for irregularities would be a proper prevention
technique for the risk factor related to inadequate record keeping.
3. A proper prevention technique for the risk factor related to no independent checks on
performance would be:
A. The use of a computer to perform the custody and recording of cash. This answer
is incorrect because the use of a computer to perform the custody and recording of
91
cash would be a proper prevention technique for the risk factor related to
insufficient separation of duties.
B. Restricting access to computer files and information by using passwords and
security codes. This answer is incorrect because restricting access to computer
files and information by using passwords and security codes would be a proper
prevention technique for the risk factor related to inadequate safeguarding of
assets.
C. A reconciliation of independently maintained records. This answer is correct
because a reconciliation of independently maintained records would be a
proper prevention technique for the risk factor related to no independent
checks on performance.
D. Requiring accurate records be kept and checked for irregularities. This answer is
incorrect because requiring accurate records be kept and checked for irregularities
record keeping.
4. For which of the following risk factors would requiring that accurate records be kept and
checked for irregularities be a proper prevention technique?
A. Inadequate supervision. This answer is incorrect because developing and

implementing controls to ensure effective supervision of employees would be a
proper prevention technique for the risk factor related to inadequate supervision.
B. Inadequate safeguarding of assets. This answer is incorrect because restricting
access to computer files and information by using passwords and security codes
safeguarding of assets.
D. Inadequate record keeping. This answer is correct because requiring
accurate records be kept and checked for irregularities would be a proper
prevention technique for the risk factor related to inadequate record
keeping.
5. Training and assisting employees, monitoring employee performance, and overseeing

employees would be a proper prevention technique for:
A. Inadequate supervision. This answer is correct because training and

assisting employees, monitoring employee performance, and overseeing
employees would be a proper prevention technique for the risk factor related
to inadequate supervision.
B. Lack of a security system. This answer is incorrect because designing a good
internal security system is the only proper prevention technique for the risk factor
related to the lack of a security system.
92

D. Managerial carelessness or attention to detail. This answer is incorrect because
training managers to adequately supervise subordinates and to pay attention to
technical details is a proper prevention technique for the risk factor related to
managerial carelessness or attention to detail.
6. True or false: Dominant and unchallenged management reduces an organization’s level

of fraud risk.
A. True. This answer is incorrect because dominant and unchallenged management

increases an organization’s level of fraud risk.
B. False. This answer is correct because dominant and unchallenged
management increases an organization’s level of fraud risk because they are
fee to do virtually anything.
7. For which of the following risk factors would developing a code of ethics be a proper
prevention technique?
A. Lack of a security system. This answer is incorrect because designing a good

internal security system is the only proper prevention technique for the risk factor
related to the lack of a security system.
B. Unclear policies and procedures. This answer is incorrect because publishing a
policies and procedures manual containing specific conflict-of-interest statements
is a proper prevention technique for the risk factor related to unclear policies and
procedures.
C. Lack of support for company values. This answer is correct because
developing a code of ethics would be a proper prevention technique for the
risk factor related to the lack of support for company values.
D. Managerial carelessness or attention to detail. This answer is incorrect because
training managers to adequately supervise subordinates and to pay attention to
technical details is a proper prevention technique for the risk factor related to
managerial carelessness or attention to detail.
8. True or false: Management’s failure to correct known reportable conditions on a timely

basis also makes an organization appear “fraud-friendly.”
A. True. This answer is correct because management’s failure to correct known

reportable conditions on a timely basis does make an organization appear
“fraud-friendly.”
B. False. This answer is incorrect because management’s failure to correct known
reportable conditions on a timely basis does make an organization appear “fraud-
friendly.”
93
Chapter 5: Fraud Detection
Chapter 5 – Fraud Detection

Learning Objectives
1. Identify company vulnerabilities and the various symptoms indicating the presence of
fraud in order to detect fraud when it occurs or prevent the occurrence of fraud.
Fraud detection can be defined as all of the procedures or actions undertaken to ascertain that a
fraud has, in fact, been committed.
To detect fraud, a person must first understand where a company is vulnerable. These include
the points at which goods and cash flow in and out of the company, the use and storage of assets,
and the reporting of financial information.
Most crimes leave unmistakable evidence. For example, when a bank is robbed, there are often
witnesses and even videotapes of the theft. When a restaurant is robbed after hours, there are
broken cash registers and signs of forced entry.
In contrast, fraud is a crime that is hard to detect because it is almost never observed directly.
There are no videotapes, witnesses, smoking guns, or dead bodies. Instead, the perpetrator takes
great pains to conceal his tracks. Therefore, there often is no direct evidence of the fraud.
Those looking for fraud must learn to identify the indicators, or red flags, that are present in most
frauds. These clues, which are often referred to as fraud symptoms, can point to the existence of
fraud.
The fact that a person finds a fraud symptom in a company does not mean that fraud actually
exists. At that point, there are merely suspicions that a fraud might have taken place. Fraud
symptoms should be thoroughly investigated to determine whether they are present due to fraud
or due to other conditions.
Company Vulnerabilities
Four Areas of Vulnerability

One of the first steps in fraud detection is to evaluate a company to determine where it is
vulnerable to fraud. The four areas of vulnerability are listed below.
1. Receipt of Goods or Cash

A company is susceptible to fraud as goods and cash are received into the company. Cash
receipts could be stolen or misapplied, or goods intended for the company could be stolen or
diverted to unauthorized uses. As a result, the prime areas to look for fraud are the areas of
purchasing, receiving, cash receipts, and accounts receivable.
2. Purchasing, Disbursement of Cash, and Shipment of Goods

The points at which goods are purchased, shipped out of the company, and cash is paid for
ordered goods are especially vulnerable for most companies. Company disbursements could be
stolen or diverted to pay personal bills, fictitious bills could be paid, kickbacks or bid-rigging
could result in inflated billings, and payments could be made for hours not worked or for
94
employees who do not exist. As a result, the prime areas to look for fraud are purchasing,
shipping, cash disbursements, and payroll.
3. Misappropriation of Company Assets

Almost any company asset of value is susceptible to fraud. The most frequently stolen asset is
cash. Inventory, supplies, equipment, machinery, and fixed assets are also susceptible to fraud.
4. Fraudulent Reporting of Company Results

The objective of most fraudulent financial reporting is to make the company results look better
than they actually are by inflating assets or net income. Current-year net income can be inflated
by:
• Recording revenues too soon;
• Recording bogus revenues;
• Shifting current expenses to a later period; and
• Failing to record all liabilities or expenses.
Subsequent-year income can be inflated by:

• Shifting current income to a later period; or
• Shifting future expenses to the current period.
Example: Management at Matrix Science Corporation felt intense pressure to meet

what they considered to be unrealistic sales goals. To meet the goals, they
kept their books open beyond the last day of the quarter to record
subsequent sales, preprinted invoices for orders that had not been shipped,
and delayed issuing credit memos for goods returned near the end of the
quarter.
Critical areas to watch include revenues of all kinds, major expense categories, and assets such
as inventory and receivables. It is also important to be attuned to the possibility of an intentional
misapplication of accounting principles.
Use of Specialists
One important way to increase the probability of detecting fraud is to use specialists trained in
assessing company vulnerabilities and detecting fraud. Two types of specialists are discussed:
computer security officers and forensic accountants.
Computer-Security Officers
Most frauds are not detected by internal or external auditors. In one study, only 4.5 percent of
259 cases of fraud were uncovered by auditors. Normal system controls uncovered 45 percent,
32 percent were discovered by accident, and eight percent were found by computer-security
officers.
The study shows that having a computer-security officer who is responsible for fraud deterrence
and detection has a significant deterrent effect on computer frauds. The security officer can
monitor the system and disseminate information about improper system uses and their
consequences.
95
Forensic Accountants
Forensic accountants specialize in fraud prevention, detection, investigation, and audit. Many
have degrees in accounting and have received specialized training with the FBI, the IRS, or other
law-enforcement agencies.
A professional designation has been created to recognize this field. The Association of Certified
Fraud Examiners in Austin, Texas, has developed a Certified Fraud Examiner (CFE) certification
program. To become a CFE, candidates must pass a two-day exam.
There are approximately 16,000 CFEs around the world. There are not very many CFE firms;
instead, most CFEs work for CPA or law firms and private and public companies.
Fraud Symptoms
Fraud is not easy to detect. The perpetrator usually takes great pains to cover up the fraud and to
make everything appear normal. However, the perpetrator is left exposed at three key points:
• When the item of value, such as cash, is stolen or some part of the financial statement is
materially misrepresented.
• When the perpetrator conceals actions so that the fraud scheme is not detected.
Concealment often requires documents or records to be created or altered, journal entries
to be made, or some other effort made to ensure that the books balance.
• When the perpetrator converts noncash assets into a form that can be used or spent.
As each of these three steps is undertaken, the perpetrator is vulnerable. For example, the
perpetrator could be spotted taking the physical asset or misstating the information. The created
or altered documents that hide the fraud can be spotted by someone else. The perpetrator could
be caught trying to cash stolen checks.
The vulnerability is not limited to the point in time when these three steps are taken. It extends
for some time, often almost indefinitely. For example, it could be days or weeks later that the
stolen item is missed. The auditor could note the altered document during the year-end audit.
When a company reconciles its checking account, it could spot a stolen check that was cashed.
Whenever a fraud takes place, there are a number of signs or manifestations that a fraud has
taken place. For example, there could be missing assets, fraudulent documents, and forged
checks. These signs or manifestations are referred to as fraud symptoms.
There are symptoms at each point of the fraud: the theft, the concealment, and the conversion.
Being aware of these symptoms and actively searching for them is one of the best ways to detect
fraud.
The fact that fraud symptoms are present is not a guarantee that fraud actually exists. However,
every time there is a fraud, one or more of these symptoms is present. Unfortunately, most
people are unaware of what constitutes a fraud symptom. As a result, the symptoms are rarely
recognized. Oftentimes, those familiar with fraud symptoms are so busy they do not notice them.
Many of those that are noticed are never properly investigated. As a result, many frauds are not
96
detected or uncovered as soon as they could be. The result is an ever-increasing amount lost to
fraud.
When fraud symptoms are recognized and investigated, frauds often can be detected early. This
saves the company money. An active approach to searching for symptoms and investigating
fraud also serves as a deterrent to further fraud taking place.
Several fraud symptoms will now be discussed.
Accounting Symptoms
All organizations have an accounting system that collects data about company transactions and
activities. In a typical company:
• Data is captured on paper documents or electronic forms;
• Data is summarized and entered into accounting files and ledgers in the form of
journal entries; and
• Data in these files and ledgers is periodically summarized and organized into
financial statements that are provided to the managers and owners of the business.
When a fraud is committed, some element of the documents, journal entries, or ledgers is often
altered, forged, manipulated, or destroyed to hide the fraud. This action usually produces what is
referred to as an accounting symptom.
This section of the chapter discusses some accounting symptoms. Time and space limitations do
not permit us to discuss all of the accounting symptoms, but some of the more prevalent are
discussed below.
Altered, Forged, or Unusual Documents

The following are different types of document symptoms.
• Altered or forged -- They can contain erasures, whiteouts, or markovers. A favorite trick
of fraud perpetrators is to create new documents from pieces of original documents.
Then the new document is photocopied so that you cannot tell it was created from other
documents and used to replace the original.
Example: When Barry Minkow needed audited financial statements, he offered

Mark Morze, the ZZZZ Best accountant, a $200,000 bonus if he could
fool the auditor into issuing a clean opinion.
Morze created the documentation needed to support the fraudulent

financial statements. He created hundreds of fake cashier's checks by
making a clean photocopy of an original; whiting out the payee, date, and
amount; typing in the new information; and making another photocopy.
He made phony bank statements by borrowing originals, cutting and
pasting individual lines on ZZZZ Best statements, and then photocopying
them. He also used a copy machine to create fake invoices and
worksheets.
97
When a lender insisted on seeing a nonexistent eight-story building being

restored in Arroyo Grande, he went there to take a picture. However, the
tallest building in town was only three stories high. Undaunted, he lay
down and took a picture that cut off the top of the building and made it
look taller than it was. This "proof" convinced the lender.
• Destroyed or "missing" documents.

• Duplicated documents -- An example might be a second payment for a single invoice, or
duplicate vendor invoices.
• Documents that were previously “used” and/or recorded out-of-sequence.
• Voided documents -- The perpetrator can use a document or its number for some
unauthorized reason and then mark it void. When the document is examined later, there
may be no evidence that it was ever used for unauthorized purposes.
• Documents that contain unusual or abnormal items -- These may include things such as
questionable handwriting, second endorsements on checks, information that does not
make sense, an overabundance of common names or addresses, and stale items on bank
reconciliations.
Large, Unusual, or Complex Transactions at Year-End

Of concern are unique, highly complex, and material transactions close to year-end that pose
difficult "substance over form" questions. Also of concern are large and profitable transactions
near the end of the year or quarter.
Numerous Adjusting Entries at Year-End

A company that is in trouble or is trying to improve its financial results may choose to
manipulate its books with a flurry of adjusting entries near the end of the year. Year-end
adjusting entries should always be scrutinized carefully. However, when there are more than
usual, the entries should be scrutinized especially well.
Example: At the end of almost every quarter, Lincoln Savings and Loan made
journal entries that artificially inflated its earnings. There were at least 13
of these transactions, and most of them resulted in Lincoln reporting a net
income instead of a net loss. In total, Lincoln overstated its income by
more than $100 million dollars.
Unusual Journal Entries

Anytime a journal entry does not adhere to the normal company format and procedures, it is
suspect. Suspect journal entries would include the following:
• Entries that are inaccurate, such as ones that do not balance.
• Entries that are made by an unauthorized individual.
• Entries that are not logical entries to an account. This is especially important in accounts
such as cash and inventory that are particularly susceptible to fraud.
• Entries that do not have the usual supporting documentation.
98
Ledger Problems
These include ledgers that do not balance or general-ledger control accounts that do not tie to
subsidiary ledger balances.
Some perpetrators are unable to effectively cover up their frauds. For example, in an inventory
fraud, the perpetrator may not be able to make an entry in company records to decrease the
inventory account. At some point, when inventory is counted, the inventory shortage is noted
when the balance on hand does not match the amount on the books. However, since this
symptom could also be the result of an employee error or spoilage, many companies do not
adequately investigate the shortages. They simply accept them as a cost of doing business. This
failure to investigate the shortages makes it possible for perpetrators to continue to perpetrate their
fraud, as long as they do not get too greedy.
Selecting or Changing to More Liberal Accounting Practices

A company president once asked his controller what the year-end net income was going to be.
The controller responded "What do you want it to be?" This illustrates the point that
management can often juggle their books to make net income be whatever they want it to be.
One way of doing this is to adopt unusually liberal accounting policies.
Various approaches are available to value inventory, amortize or depreciate an asset, recognize
revenue, estimate warranty costs, or write off bad debts. When more than one accounting
principle can be chosen by a company, care should be exercised if the more liberal practice is
selected, unless there is a clear reason why that practice is more acceptable and appropriate.
Example: In 1980, Union Carbide was legitimately able to increase its net income
for the first quarter by $217 million. This increase was made possible by
three changes in its accounting policies:
o Changing from a conservative to a liberal depreciation policy;
o Changing the way the company accounted for investment tax
credits; and
o Capitalizing rather than expensing interest costs during
construction.
"Going-Concern" or Adverse Opinions

Companies that receive a "going-concern" or adverse opinion are under more pressure than
companies that do not receive one. The "going-concern" or adverse opinion may be indicative of
more serious problems at the company, problems that might motivate management to resort to
fraudulent means to keep the company operating.
Example: The CPA firm for AFCO, a Utah-based land-development company,

issued an adverse opinion on its financial statements. The adverse opinion
was given because the company insisted in presenting its development
property at what it considered to be its market value, rather than its cost.
In addition, most of the rest of AFCO's assets consisted of a receivable
from a non-arm's-length sale of property to a related party.
99
The adverse opinion was prophetic; the $21 million of assets on the
balance sheet was grossly overstated.
AFCO declared bankruptcy and most of the $70 million dollars investors
sunk into AFCO limited partnerships was lost.
Premature Recognition of Revenue

Revenue is normally recognized when the earnings process is complete. Companies that
recognize revenue before the process is completed or before an exchange has occurred may be
trying to manipulate net income. There are a number of ways to recognize revenue prematurely
besides shipping goods before a sale has been completed. A few of those are recording revenues
even though:
• Material uncertainties exist;
• The buyer is unlikely to pay for the goods or is likely to return them;
• Future services are due; or
• The company bills for goods that are never shipped.
Example: Jiffy Lube was accused, in a civil lawsuit, with prematurely recognizing
franchise-fee revenue and thereby overstating its revenues and net income.
The company had to restate its financial results. As a result, its 1989 net
income of $7 million was turned into a loss of $79 million.
Current Expenses Moved to a Later Period

Delaying current-year expenses and moving them to a later period is another way to boost
current-year revenues and profits. There are a number of ways to do this. Some of the more
common are:
• Improperly capitalizing costs, such as start-up, research and development, advertising,
and administrative costs.
Example: The SEC investigated Savin Corporation and decided that from 1981 to
1984 they had improperly capitalized research and development costs. As
a result, assets and net worth for those years were, in total, overstated by
almost $100 million.
• Depreciating or amortizing assets too slowly.

• Not writing off bad loans or uncollectible receivables.
While some of these approaches to delaying costs may not be viewed as fraud, the fact that a
company chooses to use them may be indicative that there are more serious problems that do
constitute fraud.
Analytical Symptoms
According to SAS No. 56, analytical procedures are evaluations of plausible relationships among
financial and nonfinancial data.
100
The auditor uses historical records, projections, and trends to develop expectations about the
company and its data. These expectations are then compared to the company's recorded amounts.
Unless there are legitimate reasons, any significant deviation from the expectations signals an
area for further investigation.
Financial statements can be compared to those of prior periods. The actual dollar amounts can be
compared as well as the ratios calculated from the statements. Company ratios and financial data
should also be compared to those of companies in the same industry.
We discuss analytical symptoms in three main sections:

• Financial-statement review;
• Ratio and trend analysis; and
• Relationships or conditions that are so unusual or unrealistic that they might indicate the
presence of fraud.
Financial-Statement Review
We discuss two approaches to reviewing financial statements: vertical and horizontal analysis
and cash-flow statement analysis.
Vertical and Horizontal Analyses

These analyses are means of analyzing individual financial-statement account balances. This
approach converts financial-statement numbers to percentages so that relationships between data
are easier to understand. For example, for most people, it is more meaningful to say that the cost
of goods sold went up by 50 percent than to say it went from $400,000 to $600,000.
• Vertical analysis.
o On the balance sheet, total assets as well as total liabilities and equity are assigned
a value of 100 percent. All other balance-sheet items are shown as a percentage
of these two totals.
o In performing a vertical analysis on an income statement, net sales are assigned a
value of 100 percent. All other income-statement numbers are shown as a
percentage of sales.
Exhibit 5-1 shows a vertical analysis of a balance sheet and an income statement for
an example company (note that differences are due to rounding).
• Horizontal analysis -- In a horizontal analysis, account balances for two separate years
are analyzed by comparing the percentage changes between the years. The total dollar
change is also shown.
Exhibit 5-2 shows the horizontal analysis for the example company (note that differences
are due to rounding).
• Vertical/horizontal analysis -- What does vertical and horizontal analysis show us? Look
at the vertical analysis of the income statement in Exhibit 5-1.
o Note that the gross margin percentage for Year 1 was 50 percent and for Year 2 it
was 60 percent.
101
o Now look at the income-statement horizontal analysis in Exhibit 5-2.

o Note that sales went up by 25 percent, but the cost of goods sold remained the
same. Also note that inventory on the balance sheet is $400,000 in Year 1 and
$500,000 in Year 2.
Is it logical that sales could increase by 25 percent without the cost of goods sold increasing?
There may be an explanation for this, but in this case, the increase is a result of management
intentionally overstating inventory by $100,000 to cause net income to rise.
To illustrate this, consider the example below. Assume that the correct value of ending
inventory is $400,000.
Example:
Correct Fraudulent
+ Sales $1,000,0 $1,000,00
00 0
+ Beginning 300,00 300,00
inventory 0 0
+ Purchases 600,00 600,00
0 0
- Ending - -
inventory 400,00 500,00
0 0
- Cost of goods = Cost of goods 500,000 500,00 400,000 400,00
sold sold 0 0
= Gross margin $500,000 $600,000
By overstating ending inventory by $100,000, management was able to increase its gross margin
by that same amount. And of course, net income before taxes went up by the same amount.
There is another fraud in these statements that the vertical and horizontal analysis can help
discover.
Note in Exhibit 5-1 that cash went from 20 percent of assets in Year 1 to 14 percent in Year 2
and that receivables went from five percent to nine percent. Note in Exhibit 5-2 that cash
declined by 25 percent, while receivables went up by 100 percent. That is a huge percentage rise
in accounts receivable. In this case, an investigation showed that an employee stole $50,000 in
cash and concealed the fraud by inflating accounts receivable.
102
Exhibit 5-1
Example Company
Vertical Analysis of Balance Sheet
Year 2 Year 1
ASSETS
Cash $150,000 14% $ 200,000 20%

Accounts receivable 100,000 9% 50,000 5%
Inventory 500,000 45% 400,000 40%
Fixed assets 350,000 32% 350,000 35%
Total assets $ 1,100,000 100% $ 1,000,000 100%
LIABILITIES AND EQUITY
Accounts payable 100,000 9% 100,000 10%

Note payable 200,000 18% 200,000 20%
Common stock 400,000 36% 400,000 40%
Retained earnings 400,000 36% 300,000 30%
Total liabilities and equity $ 1,100,000 100% $ 1,000,000 100%
Example Company
Vertical Analysis of Income Statement
Year 2 Year 1
Sales $ 1,000,000 100% $ 800,000 100%

Cost of goods sold 400,000 40% 400,000 50%
Gross margin $ 600,000 60% $ 400,000 50%
Expenses:
Administrative 75,000 8% 65,000 8%
Selling 125,000 13% 105,000 13%
Income before taxes $ 400,000 40% $ 230,000 29%
Income taxes 200,000 20% 115,000 14%

Net income $ 200,000 20% $ 115,000 14%
103
Exhibit 5-2
Example Company
Horizontal Analysis of Balance Sheet
Year 2 Year 1 Change %

Change
ASSETS
Cash $150,000 $200,000 $(50,000) -25%

Accounts receivable 100,000 50,000 50,000 100%
Inventory 500,000 400,000 100,000 25%
Fixed Assets 350,000 350,000 - 0%
Total Assets $1,100,000 $1,000,000 $100,000 10%
LlABILITlES AND EQUITY
Accounts Payable 100,000 100,000 - 0%

Note Payable 200,000 200,000 - 0%
Common Stock 400,000 400,000 - 0%
Retained Earnings 400,000 300,000 100,000 33%
Total Liabilities and $1,100,000 $1,000,000 $100,000 10%

Equity
Example Company
Horizontal Analysis of Income Statement
Year 2 Year 1 Change %

Change
Sales $1,000,000 $800,000 $200,000 25%
Cost of Goods Sold 400 000 400,000 - 0%
Gross Margin $600,000 $400,000 $200,000 50%
Expenses:
Administrative 75,000 65,000 10,000 15%
Selling 125,000 105,000 20,000 19%
Income before taxes $400,000 $ 230,000 170,000 74%

Income taxes 200,000 115,000 (85,000) 74%
Net income $200,000 $115,000 $(15,000) 74%
Analysis of the Cash-Flow Statement

Another statement that can be used to detect fraud is the statement of cash flows. Since cash is
the most frequently stolen asset and the statement of cash flows shows how cash changed during
the year, an analysis of this statement is an excellent means of detecting fraud.
104
Exhibit 5-3 shows a simple cash-flow statement for Cougar Creations. Assume that from the
other statements you know that sales are rising significantly. The company had held the land it
sold for a number of years, and the sale amount was rather large.
Exhibit 5-3
Cougar Creations
Statement of Cash Flows
Cash flows from operations

Net income $140,000
Adjustments to net income
Depreciation expense 30,000
Increase in receivables (10,000)
Decrease in inventory 45,000
Increase in accounts payable 30,000
Net cash inflow from operations $235,000
Cash flows from investing activities

Purchase of equipment ($40,000)
Sale of land 15,000
Net cash outflow from investments ($25,000)
Cash flows from financing activities

Payment of dividends ($40,000)
Borrowings from bank 20,000
Net cash outflow from financing ($20,000)
Net increase in cash $190,000
An analysis of this statement would lead a fraud investigator to ask and investigate the following
types of questions:
• Did the company's cash balance actually increase by $190,000? If not, what happened to
it? Was it stolen?
• If sales are up significantly, why did receivables increase by only $10,000? Could the
company be booking bogus sales?
• If sales are up significantly, why did inventory decrease by $45,000? Again, could the
company be booking bogus sales?
• If inventory decreased by $45,000, why did the accounts payable balance rise by
$30,000? Is a theft of cash being hidden by delaying payment?
• If the land was owned for a number of years and sold for a rather large amount, why was
it sold for only $15,000? Was the land sold at fair market value or was the sales price
artificially small because it was sold to a related party?
• Why was the equipment purchased? Was it purchased at a fair market value, or from a
related party at an inflated price?
• If cash increased by $190,000, why borrow $20,000?
105
It is important to realize that financial-statement analysis merely suggests areas where fraud
MIGHT have occurred; it does not prove that a fraud took place.
Ratio and Trend Analysis Symptoms

Auditors often use ratio and trend analysis to identify unusual relationships between key
numbers on the financial statements. They find that it provides a good understanding of the
entity's performance and is an excellent technique for discovering material errors. Exhibit 5-4
below lists a number of common ratios used to evaluate company data.
Since most accountants are familiar with ratio and trend analysis, we forgo an explanation of
those items in favor of other items less readily understood.
Unusual Relationships
Many analytical fraud symptoms are conditions or data relationships that are unusual,
unexpected, or unrealistic. Many are found using the ratios shown in Exhibit 5-4 below.
Exhibit 5-4
Profitability Ratios
Gross profit margin = Gross profit/Net sales

Operating margin = Operating profit/Net sales
Net profit margin = Net income/Net sales
Return on assets (ROA) = Net income/Total assets
Return on equity (ROE) = Net income/Total equity
Price/earnings (PE) ratio = Price per share of stock/EPS
Cost of goods sold percentage = Cost of goods sold/Net sales
Liquidity Ratios
Cash ratio = (Cash + Securities)/Current liabilities

Current ratio = Current assets/Current liabilities
Working capital = Current assets - Current liabilities
Quick (acid test) ratio = (Current assets - Inventory)/Current liabilities
Inventory to net working capital = Inventory/(Current assets - Current liabilities)
Solvency Ratios
Debt-to-assets ratio = Total debt/Total assets

Debt-to-equity ratio = Total debt/Total equity
Long-term debt-to-equity ratio = Long-term debt/Total equity
Interest coverage ratio = Operating income/Interest expense
Activity Ratios
106
Accounts receivable = Sales/Average accounts receivable turnover

Days to collect receivables = 365/Accounts receivable turnover
Inventory turnover = Cost of sales/Average inventory
Days to sell inventory = 365/Inventory turnover
Property, plant, and equipment
(PPE) turnover = Net sales/Average net PPE
PPE percentage = Net PPE/Total assets
Sales return percentage = Sales returns/Total sales
Asset turnover = Net sales/Average total assets
Other Ratios
Receivable percentage = Accounts receivable/Total assets

Bad-debt percentage of receivables = Bad-debt expenses/Average accounts
receivable
Bad debt of total sales = Bad-debt expense/Total sales
Inventory percentage = Inventory/Total assets
Debt percentage ratio = Total liabilities/Total assets
However, there are a number of other analyses that can be performed to detect fraud. Many
require a fraud investigator to compare financial-statement data to nonfinancial data and
determine if the comparison makes sense. Many of the other analyses also involve being
creative, challenging explanations, and actively looking for relationships between data items that
do not make sense.
CPAs should look for transactions or data that are:

• Too large or too small;
• Too frequent or too rare;
• Too high or too low;
• Too much or too little; or
• Too early or too late.
They should also include transactions or data that:

• Happen at odd times or places;
• Are not performed by the usual people;
• Do not follow the normal policies, procedures, or practices; or
• Are out of order or sequence.
Example: Kimberly Scott was an auditor at Elann Industries, a large conglomerate.

When she reviewed the sheet-metal subsidiary financials, she could not
understand why inventory had increased fivefold in one year. Her
analytical tests revealed the following:
o Based upon the cubic volume of their warehouse and the inventory,
more than two warehouses would be required to house all of the
inventory.
107
o Some rolls of sheet metal supposedly weighed 50,000 pounds; their

largest forklift could only lift 3,000 pounds.
o Purchase orders supported an inventory of 30 million pounds. The
reported amount was 60 million pounds.
When she confronted management with her evidence, they admitted to

grossly overstating inventory to inflate profits. They had forecast
increased earnings and overstated inventory to meet their target.
Inventory, which was originally shown at $30 million, was written down
to $7 million.
Management inflated inventory by preparing fictitious inventory records.

Late at night, a manager at Elann had added fictitious tags to the box
where auditors stored the tags previously verified. Because they did not
want to add too many tags and a massive amount of inventory to be
fabricated, they made the mistake of including bogus tags for 50,000-
pound rolls of sheet metal. The manager also had to substitute new
inventory-reconciliation lists that agreed with the total of the valid and
fraudulent tags.
A number of unusual conditions or relationships that are seen frequently are presented below in the
form of fraud symptoms.
• A company whose ratios and operating performance are significantly better than others in
its industry -- Since companies in the same industry face the same competitive and
economic challenges, it is likely that all companies in the same industry will have
somewhat similar ratios. Therefore, company ratios and trend analyses should be
compared to those of other companies in the same industry. These statistics are available
from organizations such as Moody's and Dun and Bradstreet. Any notable divergences
should be investigated.
Example: In the early 1970s, Equity Funding stock was a favorite of stock market
investors. A main reason for its popularity was that it was showing record
profits at a time when other insurance companies were showing losses.
Only later was it discovered that their profits were fabricated. Equity
Funding generated more than $2 billion worth of fictitious insurance
policies that it sold to reinsurance companies.
• An increase in accounts receivable without a corresponding increase in sales -- There

may be a logical explanation for this, such as a recession or financial problems in the
industry or with a specific customer. On the other hand, the explanation may be that cash
or short-term securities are being stolen, and to balance the financial statements
receivables are being overstated.
Example: Over a seven-year period, accounts receivable in one large industrial

company increased until it was 90 percent of total assets. The large
increase was required to hide management's theft of $300 million.
108
• A significant rise in the number of overdue or related-party receivables.
Example: Donald Sheelen, the CEO of Regina Vacuum, owned 40 percent of the
stock and was vitally interested in having the stock rise. To improve
earnings, Regina booked bogus sales, prematurely recognized revenues,
and did not book millions of dollars of defective merchandise that was
returned because plastic parts were melting. The defective merchandise
also resulted in a significant increase in uncollectible and overdue
receivables.
• An increase in inventory without a corresponding increase in sales -- When the growth in

inventory outstrips the growth in sales, a company usually ends up with inventory it has a
hard time selling or that becomes obsolete.
Example: In the mid-1980s, Crazy Eddie was a fast-growing electronics retailer.

Between 1984 and 1986, its stock rose from a split-adjusted price of $2 to
almost $22. However, it lost control of its inventory. In 1986, sales
increased 88 percent as inventory increased 125 percent. In 1987, sales
increased 34 percent and inventory increased 83 percent. When the stock
price collapsed, Crazy Eddie was sued. The lawsuits alleged that Crazy
Eddie manipulated its inventory, and falsely recorded the sale of excess
goods to other retail stores at retail prices rather than at cost or market
value.
• An increase in inventory without a corresponding increase in warehouse, storage, and

handling costs.
• An increase in inventory without a corresponding increase in accounts payable and
purchases.
Example: The financial-statement fraud at Comptronix Corporation was uncovered

when a college professor who was reading the company's annual report
noticed that inventory increased but accounts payable and purchases did
not. He also noted that sales increased but receivables did not. An
investigation showed that management was overstating sales and
inventory to increase reported earnings.
• Persistent inventory shortages for portable and easily sold items.

• An increase in sales without a corresponding increase in cash sales or cash balances.
Example: Sales at an automobile-repair business went up each year, but the amount
of cash sales and cash balances steadily declined. The owner finally
discovered that his accountant was stealing increasing amounts of cash by
pocketing the money from cash sales. By the time the fraud was
discovered, he was stealing over half of all cash receipts.
109
• An increase in sales even though the company loses major customers.
Example: Sales at Miniscribe, a personal computer disk-drive maker, increased from

$114 million to $603 million between 1985 and 1989. This increase took
place even though it lost IBM, Apple, and Digital Computer Corporation
as customers.
Sales increased because the company:

o Packaged and shipped bricks and recorded the shipments as sales
of hard drives;
o Repeatedly sold and shipped defective merchandise;
o Flooded their suppliers with excess inventory before year-end; and
o Shipped drives to warehouses and booked them as sales.
• Increased dependence on one or two suppliers or customers.

• An increase in sales or purchases without a corresponding rise in freight expenses.
• An inordinate number of sales returns or credit memos after the beginning of the year --
Suppose a company's profits or revenues are below expectations. One way to increase
them is to ship merchandise to customers and recognize revenue as each shipment is
made, even though a sale has not actually been finalized. In many frauds of this nature,
customers are pressured to accept goods they do not want or are shipped goods they did
not order. This symptom is even more important if these shipments occur just before the
company's fiscal year-end.
Example: The SEC accused Datapoint Corporation, a maker of local area network
systems, with boosting revenues and net income by:
o Shipping products ahead of scheduled delivery dates;
o Sending partial shipments; and
o Knowingly shipping orders that customers had canceled.
The SEC investigation and disclosure played a large part in the stock
falling from almost $120 a share to $11 a share.
• Sales returns or credit memos rising faster than sales.

• An increase in variable costs without a corresponding increase in revenue.
Example: An auditor for a large motel chain noticed that the cost of laundry and
toiletries at one of its units was rising significantly at the same time
revenues remained flat. An investigation showed that room occupancy
was up (requiring more laundry and toiletries), but the manager was
pocketing many of the room rentals paid for in cash.
• An increase in manufacturing volume without a corresponding decrease in per-unit labor

and materials costs.
• An increase in manufacturing volume without a corresponding increase in scrap sales and
discounts on purchases.
110
• Inadequate or overly generous reserves -- One way to manipulate net income is not to set
up adequate reserves for actual or estimated losses. For example, a property and casualty
company could grossly underestimate its losses due to hurricane damage.
Example: First Executive Life Insurance Company suffered extensive losses in both
the junk-bond market and the real estate market. In an effort to disguise
the true financial condition of the company, the losses were not adequately
written down.
In April 1991, regulators seized First Executive and its affiliates. In May,
First Executive filed for Chapter 11 bankruptcy; it was one of the biggest
insurance failures in American history.
Though much less common, companies can also set up overly generous reserves.
The most common reason for doing this is to "smooth" earnings. In other words,
companies can "store" earnings in a reserve account so that they can hedge against
a future downturn. Income smoothing is often symptomatic of more serious
problems that might result in fraudulent activity.
• Cash disbursements that do not make sense.
Example: One alert auditor noticed there was no supporting documentation for a
payment to the Oldsmobile dealer for bodywork on the president's
Cadillac. Curious about why they would send the Cadillac to the Olds
dealer for bodywork, he investigated further. He found that no claims had
been sent to the organization’s insurance company. He also found that a
payment of exactly the same amount was made every month, and none of
them had any supporting documentation. He was unable to find any
record of a fixed-fee maintenance agreement. When he called the Olds
dealer, he found that the payments were being applied to a woman's car
loan. Further investigation revealed that the woman was the business
manager's girlfriend, and he was paying off her car loan.
• An increase in net income without a corresponding increase in cash flow from operations.
• Deteriorating quality of earnings.
• A significant increase in the number of voids, credits, reconciling items, or late charges.
• Significant increases, decreases, or adjustments to "at-risk" accounts such as payables,
receivables, or inventory.
• “Missing” employees at unscheduled payroll distributions.
• A significant increase in the number of dormant accounts activated.
• A significant percentage rise in expense reimbursement amounts.
• Persistent cash shortages in any cash account or cash register.
• Unexplained changes in financial-statement balances.
Behavior Symptoms
111
Altered Behavior
How would you feel if you began committing a fraud? Would you feel fear? Guilt? Anxiety?
How do you think these feelings would affect you? Behavioral psychologists and experienced
fraud investigators say that most fraud perpetrators, especially if they are first-time offenders,
alter their behavior in recognizable ways.
Unexplained Behavior Changes

Some of the more recognizable changes are:
• Nervousness and fidgety appearances;
• Inability to look others in the eye;
• Stress, tension, and an inability to relax;
• Unusual irritability, constantly on the defensive;
• Being very suspicious of others and their motives;
• Insomnia;
• Becoming argumentative, belligerent, or adopting an overbearing manner;
• Being unable to admit mistakes, or always excusing behavior;
• Unhappiness and the inability to enjoy life;
• Obsession with what will happen to them if they are caught;
• Drinking binges, taking drugs, or beginning chain-smoking; and
• Thoughts of suicide. A number of fraud perpetrators who can no longer live with their
actions take their own lives.
Example 1: Eddie Antar, who orchestrated the Crazy Eddie fraud, became increasingly
overbearing as the fraud progressed. Finally, unable to live with his fear
that he would be caught and his obsession with what would happen to him
if he were caught, he disappeared. He was later extradited from Israel to
face fraud charges.
Example 2: Lester B. Nay, the president of First Securities of Chicago, left a suicide
note explaining how he had tricked investors into placing money in
nonexistent, high-yielding escrow accounts. He defrauded them out of
millions of dollars.
Management Pressures
Other behavior symptoms (listed below) do not involve change, but have more to do with
management inquisitiveness, pressures, or turnover.
• Management is overly inquisitive about the effect of alternative accounting treatments on
earnings per share.
• Management has excessive interest in maintaining or increasing the company's stock
price or earnings trend through the use of unusually aggressive accounting practices.
• There could be client pressure to complete the engagement in an unusually short amount
of time.
112
• Rapid turnover -- This is characterized by the unexplained resignation or frequent

turnover of management or board of director members. Also, rapid turnover of key
employees, either through firing or voluntary terminations can also indicate problems.
Key employees are often either fired because they will not cooperate with the dishonest
acts or they quit because they do not agree with the dishonest attitudes of other key
officials.
Example: Equity Funding had three different controllers in one year. The first one
quit because of the irregularities. When his replacement discovered them,
he refused to sign SEC documents concerning the financial condition of
the company. The president offered the second controller a promotion in
exchange for his cooperation. The promotion was declined, and the
second controller left the company. A third controller was hired and he
was eventually implicated in the fraud.
Tip and Complaint Symptoms

Of all the people in an organization, who has the most opportunity to detect a fraud? Who would
be most aware of the perpetrator's theft, concealment, or conversion actions?
It is not those who have typically been viewed as responsible for fraud detection, because
internal and external auditors move around and associate with company employees on an
infrequent basis.
It is not the board of directors or the audit committee, since they too are not at the company on a
daily basis. Even top managers (unless they are the perpetrators) are not in a position to detect
the fraud since they are often isolated from other employees.
So, who is in the best position to detect fraud? It is the perpetrators' co-workers and immediate
supervisors, the ones who interact with them on a daily basis.
However, co-workers and immediate supervisors who witness or are aware of fraudulent
behavior are often torn between two conflicting feelings. On the one hand, they feel an
obligation to protect company assets and turn in fraud perpetrators. However, they are often
uncomfortable in the "whistle-blower" role and find it easier to remain silent. There are several
reasons why they are reluctant to take action.
• They are uncertain that a fraud has actually taken place; they do not want to falsely
accuse anyone.
• They do not want to get involved or to make trouble for someone else.
• They have fear of the consequences. They fear reprisals, such as getting fired, damage to
their career, and being ostracized by fellow workers.
• They have been taught not to be a squealer.
• They are uncertain about how to go about making the information available or who to
tell.
113
As a result, most people who are aware of a fraud will not make a formal complaint to someone
in a position of authority. However, they may begin to complain about the person or make hints
or otherwise give off indications that they know something is not right.
Unfortunately, most co-workers and mangers are not trained to pick up on these symptoms or to
separate them from the normal complaints and office gossip. As a result, the company misses
out on one of the best sources of fraud information: co-workers who have seen or know of
fraudulent actions.
Hotlines
If employees are able to report someone anonymously, they are often able to overcome the
above-mentioned reluctances. Therefore, an important way to uncover fraud is to set up an
anonymous fraud hotline.
Hotlines have been very effective. Researchers at Brigham Young University studied 212 frauds
and found that 33 percent of them were uncovered by anonymous tips.
The insurance industry set up a hotline so people could report dishonest practices in an attempt to
control an estimated $17 billion a year in fraudulent claims. In the first month, they received in
excess of 2,250 calls. Between 10 percent and 15 percent of the calls resulted in investigative
action.
The downside of hotlines is that many of the calls are not worthy of investigation. Some
informants are motivated by personal problems, anger, jealousy, or a desire for revenge. Some
are vague reports of wrongdoing, and others have no merit. Therefore, it is essential that no one
reported on a hotline is presumed guilty until he or she is proven so or he or she confesses.
A potential problem with a hotline is that the people who operate the hotline may report to
people who are involved in top-management fraud. This can be overcome by using a fraud
hotline set up by a trade organization or commercial company. Reports of management fraud
can be passed by this outside company directly to the board of directors.
Whistle-Blowing
There are many instances of fraud uncovered due to someone in the organization blowing the
whistle.
Example 1: One high official at a food-processing company acted as a mole for the
FBI and was instrumental in bringing price-fixing charges against the
company.
Example 2: A machine foreman at General Electric tried unsuccessfully to get GE to

stop falsifying timecards and billing vouchers on U.S. government jobs.
When he reported the problem to the senior vice president in charge of the
plant, he was fired. A subsequent investigation showed that 27 percent of
the timecards had been falsified, allowing GE to overbill the government
$7.2 million.
114
Example 3: Department of Defense auditors received three anonymous tips that a major
defense contractor was shifting cost overruns on fixed-fee contracts to cost-
plus contracts. When they investigated, they found that almost $40 million
in expenses had been reallocated. The officials responsible for the fraud
were jailed, and the company was fined $100 million.
Organizational Structure Symptoms

Companies should be organized in an orderly and efficient fashion. There should be a logical
reason for each organizational entity and for everything a company does. When an element of
the organization does not have a well-defined or logical business purpose, the fraud investigator
should look more closely to determine if the company is trying to hide something.
Overly Complex Organizational Structure

This includes numerous or unusual subsidiaries and divisions, managerial lines of authority, or
contractual arrangements. Unnecessary complexity makes it easier for inappropriate items to be
lost in the shuffle or intentionally buried under a blizzard of paperwork.
Example: Lincoln Savings and Loan was a subsidiary of American Continental.

American Continental had 55 separate, but related, companies. There
were numerous related-party transactions between Lincoln and other
subsidiaries.
The following are symptoms of an overly complex organizational structure:

• It is difficult determining which organization or individual(s) control the entity;
• Bank accounts/subsidiary/branch operations are in tax-haven jurisdictions for which there
appears to be no clear business justification;
• Lack of a competent and effective internal-audit department that conducts audits, tests
transactions, and investigates fraud; and
• Lack of an audit committee composed of outside members of the board of directors.
Outsider/Related-Party Symptoms
Sometimes the relationships that a company has with outsiders and related parties can provide us
with the clues we need to detect a fraud. A few of the more important related-party and outsider
symptoms are discussed below.
• Frequent changes of auditors or lawyers -- The risk of a fraud is higher at companies that
change auditors or legal counsels frequently. A CPA or law firm that suspects or
concludes that its client is not trustworthy or is involved in illegal activities would
probably resign.
A company that suspects its auditors are getting close to detecting an illegal act will
likely fire its auditors because a new auditor, without any suspicions, is less likely to
detect a fraud. Likewise, a company faced with a request to provide damaging
information to existing legal counsel will likely fire its lawyers because a new law firm,
without any suspicions, is less likely to realize there is anything wrong.
115
Accountants who audit firms with frequent legal and auditor changes should be especially
careful to investigate the reasons for the changes and to discuss with management and
predecessor auditors and lawyers, as appropriate, the reasons for the changes.
Example: Lincoln Savings and Loan had three different auditors in four years.
Arthur Andersen and Co. was the auditor in 1985, and Ernst and Young
was the auditor in 1986 and 1987. Deloitte and Touche was engaged to do
the 1988 audit, but never issued an audit opinion on their statements.
• Strained relationships between management and its current or predecessor auditors --

Specific indicators might include:
o Frequent disputes with auditors on accounting or reporting matters, including
"opinion shopping";
o Unreasonable demands on auditors, including time constraints for audit
completion or issuance of the auditor's reports;
o Formal or informal restrictions on auditors that inappropriately limit their access
to people, information, or ability to communicate effectively with the board of
directors or the audit committee;
o Domineering management behavior in dealing with auditors; and
o Reluctance to give auditors needed data.
• Several different auditing firms, legal counsels, and banks -- When a company has
different auditors, lawyers, and banks for its different subsidiaries, it is much more
difficult for any one firm to see the whole picture. This makes it easier for management
to commit and conceal a fraud.
• Unusually large expenditures to lawyers, consultants, or agents.
• Significant litigation -- This is of concern especially if the litigation is between
management and shareholders.
• Prior or ongoing problems with regulatory agencies -- These would include revoked
licenses, frequent review by regulators, and significant or frequent tax adjustments or
problems with the IRS. For example, Lincoln Savings and Loan was constantly on the
industry regulator's list of problem institutions.
• Difficulty borrowing from lending institutions -- This includes violation of lending

institution debt restrictions.
• Pressures to restructure, sell, merge, or be taken over.
• Pending legislation with a potentially serious impact on the company's operations.
• Long-term purchasing contracts at prices significantly below current prices -- A number
of companies, expecting either significantly rising costs or high inflation, have entered
into long-term purchasing contracts. These work well if prices do, in fact, rise. If,
instead, prices fall significantly, and the company cannot extricate itself from the
contracts, they often face financial pressures that can lead them to fraudulent actions.
• Disproportionate amount of purchasing from one or few vendors -- Procurement fraud, in
which a buyer either extracts favors from vendors as a condition of doing business with
them or works in collusion with the vendor, is one of the most prevalent types of fraud.
The vendor and the buyers profit by raising prices, shipping inferior goods, billing for
more than is shipped, and shipping more goods than the company needs.
116
Indicators that point to procurement fraud include:

o Steady and frequent increases in inventory and supplies costs;
o Customer and employee complaints about inferior goods;
o The quantity of the goods on hand rises much higher than what is needed to
support usage or sales;
o The purchase of goods that are not needed or cannot be easily sold result in
inventory buildup and obsolete merchandise;
o Altered or photocopied contracts, bills, etc.;
o Purchases from unapproved vendors;
o Billing for work not performed;
o Padding overhead charges; and
o Increased reliance on one or more customers.
When a company wants to book bogus sales, it usually finds it easier to confine these
sales to one or a few customers. Doing so makes it easier to separate the legitimate from
the bogus and to steer auditors and investigators away from the bogus accounts.
• Significant related-party transactions not in the ordinary course of business.
• Intercompany transactions with related entities that are not audited or are audited by
another firm.
Internal-Control Symptoms
Chapter 4 discussed in depth the internal-control deficiencies that allow fraud to take place. The
absence of any one of these controls is a fraud symptom. The importance of these controls is
illustrated by several studies showing that one of the most effective fraud detectors is effective
internal control.
Internal-control symptoms could be much more effective in detecting fraud than they currently
are. However, management and auditors who detect internal-control weaknesses do not view the
weaknesses as fraud symptoms.
When an internal-control weakness is found, the typical reaction is either concern (“We need to
fix that immediately") or a lack of concern ("We need to fix that someday"). The first reaction is
certainly a proper one and the better of the two. However, it does not go far enough. The
company must also recognize that the weakness is a fraud symptom that must be thoroughly
investigated to determine if a loss has occurred.
Periodically assessing internal control and investigating all weaknesses with the intent of looking
for fraud is one of the most effective fraud-detection methods available.
Example 1: One international banking organization uncovers as many as 1,000

employee frauds a year. They have stated that their most effective
detection tool is to find, fix, and investigate internal-control weaknesses.
In a recent year, 31 percent of the frauds they detected were discovered in
this manner.
117
During this evaluation, it is important not to just look at the internal controls
that are in place, but to evaluate whether they are enforced. Having an
internal control in place, yet not enforcing it, is like not having the control at
all.
Example 2: The bookkeeper at a small bank embezzled over $3 million dollars from
her employer. She wrote personal checks on her account at the bank and
intercepted them when they were returned by the Federal Reserve. She
had accounts at other banks and wrote checks from those accounts and
deposited them into her account. These were intercepted before they were
sent to the Federal Reserve for collection. The net result was that she had
an "unlimited" checking account.
Because of the fraud, the amount in the master demand deposit did not
match the total of the individual demand deposit balances. To keep the
auditors from discovering the fraud, she parked the difference at the
Federal Reserve on the days the auditors checked the books. She did this
by sending the Federal Reserve enough previously used cashier’s checks
to cover the amount of her fraud. The Federal Reserve gave the bank
credit for the amount of the bank's outgoing cash letter. The next day,
when the Federal Reserve discovered that the cashier’s checks were the
bank's own checks, they reversed the credit they had given the bank the
previous day. The net result: the books balanced only on the day the
auditors checked the books.
The fraud was uncovered when a check was rejected by the Federal
Reserve sorter because it had been used so many times it could not be
read.
The bank had the controls needed to detect the fraud. Unfortunately, they
were not enforced nor were the following noted weaknesses investigated:
o Although the accounts balanced at the end of the month, they were
out of balance the rest of the time. The bank received daily reports
that showed the out-of-balance condition, but they were never
investigated.
o Individual accounting records were altered.
o The bookkeeper said that her workload was too heavy for her to
take the bank's mandatory two consecutive weeks' vacation. As a
result, management gave her permission to not follow the policy.
o The bank required two signatures on all general-ledger tickets.
The bookkeeper asked the other signatories to presign tickets to
avoid the hassle of getting signatures when people were busy with
other tasks.
118
In addition to these control weaknesses, the bookkeeper lived an

extravagant lifestyle that could not possibly be supported by her bank
income.
Lifestyle Symptoms
Almost all perpetrators spend their ill-begotten gains as quickly as they get them to upgrade their
lifestyle. Perpetrators seem to need instant gratification; perhaps that is what leads them to
commit a fraud in the first place.
It is very rare to hear of a perpetrator that "saves" the money taken. One particular fraud expert
reports that he has investigated or studied hundreds of frauds and can only remember two where
the perpetrator could be said to be saving, rather than spending, the money taken. One was a
man who bought gold bullion and stored it in his basement. The other was a woman who used
the money to set up trust funds for her grandchildren.
Their spending eventually leads to some form of conspicuous consumption. For example, they
spend the money on:
• Fancy cars;
• Luxurious homes;
• Vacation homes;
• Expensive vacations;
• Expensive clothes, jewelry, and restaurant meals;
• Presents for family and friends; and
• Gambling, drugs, alcohol, and sexual relationships.
If employers were more observant, they could easily pick up on these symptoms. Many
perpetrators like to show off their trappings of success and few seek to hide their newfound
wealth. After all, who wants to buy a brand new expensive sports car and let it sit at home in the
garage?
Any evidence of company employees living beyond their means should be thoroughly
investigated. Chapter 6 discusses some of the methods that can be used to conduct this
investigation. As illustrated in the following example, in many cases of conspicuous
consumption, the evidence will lead to proof that a fraud is taking place.
Example: One Saturday night, an observant bank auditor in London noticed a vice
president of the bank's leasing subsidiary driving a restored Rolls Royce
Silver Cloud. Wondering how he could afford a car worth several
hundred thousand dollars, he began an investigation. He found that the
leasing officer had negotiated eight sale-and-leaseback agreements with
shipping firms for a total of $244 million. The treasurer of each of the
shipping companies was paid a legal five-percent commission, but the
leasing officer had taken 40 percent of the commission as a kickback. In
all, the leasing officer received $4.88 million. The man who appraised all
of the equipment took a $25,000 bribe on each lease to inflate the price of
the equipment by 20 to 25 percent. The bank absorbed a substantial loss.
119
Environmental Symptoms
Why do some organizations seem to be plagued with more fraud than others? Could something
the company says or does affect the amount of fraud that takes place? Could the example and
behavior of management affect how other employees behave?
Studies have found that the honesty of some employees is significantly affected by the cultural
standards of management and their co-workers. That means, for example, that companies that
teach, emphasize, and reward honesty, as well as clearly label and define honest and dishonest
actions, are likely to experience less fraud.
Conversely, management and companies that do not believe in or follow a high ethical standard
often face more than their share of fraud. The following are environmental symptoms that might
indicate the presence of fraud.
• Confusion about honesty and ethics -- As described above, management and employees
must believe in and live a high ethical standard.
• Past occurrences of fraud.
• Domineering and overbearing management -- Individuals with sufficient power to direct
and control an organization without being questioned can impose their views on others.
They can also use their position to intimidate other employees into remaining silent, even
when the other employees know that a fraud is taking place.
Example: The head of a merchant bank in England always bought three tickets, from
three different sources, for every business trip he took. He used one ticket
and traded the other two for vouchers that could be used to buy tickets
anytime within the next year. He used the vouchers to fly himself and his
wife to their estate in Ireland. He approved one set of tickets before
leaving. Upon his return, he submitted the other two for reimbursement.
The secretary knew what was going on, but was afraid to disclose
anything for fear of losing her job.
• The company does not prosecute fraud perpetrators -- As mentioned in Chapter 3,

companies that fail to prosecute perpetrators unknowingly send the message to their other
employees that nothing bad will happen if an employee does commit a fraud. As is
shown in the following example, perpetrators who are not prosecuted often proceed to
commit a second fraud.
Example: A consultant reviewing a company's security environment uncovered a

fraud committed by a computer-room operator. The perpetrator confessed
to the $175,000 fraud and was fired. However, the fraud was not
mentioned in his personnel file, and he was given a three-month
consulting job with the company.
Six months later, the consultant saw the same operator with another client.
He checked the same computer application where he had found the
previous fraud. Sure enough, the operator had committed an $85,000
120
fraud. The second company decided to investigate the perpetrator and

then prosecute him. They found he had committed the same fraud at a
third company and had spent three years in jail for it. The perpetrator
received another three-year sentence.
• The company does not conduct background checks on all potential employees -- A
person's past behavior can often give clues to his future behavior. Background checks
can help uncover employees with criminal records or past troubles with regulatory or
governmental agencies. The importance of using background checks to uncover these
types of problems is discussed in Chapter 4.
• The company frequently operates in a crisis or rush mode -- During times of crisis or in
an effort to complete a rush job, the normal controls are often pushed aside. This makes
it easier to not only commit, but to conceal a fraud.
• Management is carelessly inattentive to details and fails to correct errors or problems on a
timely basis.
• Management routinely disregards company guidelines and controls -- Management that
ignores company controls and guidelines sets a bad example for employees. The
employees also start to resent the fact that there are two sets of rules, one for them and
another for management.
• Compensation plans that are contingent upon achieving unduly aggressive sales,
profitability, other goals -- This may motivate a person to overstate company
performance in order to increase compensation.
• Unrealistic performance standards -- These can lead to desperation and anger, resulting in
dishonesty or to "get even" attitudes. In essence, the company may be motivating
employees to fraudulent behavior rather than improved performance. It may be forcing
them to choose between failing through no fault of their own and cheating.
• Low employee morale or loyalty -- Fraud is more likely to occur in situations where
morale is low, or where there are significant feelings of ill will, resentment, anger, or
alienation. Employees may have these feelings because they:
o Have substandard working conditions;
o Fear they may lose their jobs;
o Severely resent someone in the company;
o Are underpaid and "deserving" of more money;
o Feel their contributions are not appreciated or recognized; and
o Feel the company is taking advantage of them.
• The company is in poor financial condition.
• Absence of employee support and assistance programs.
Lack of a fraud policy -- This includes policies to prevent, detect, investigate, and handle
fraud.
121
rationales.
1. The areas of purchasing, receiving, cash receipts, and accounts receivable are the prime
areas to look for fraud in:
A. Receipt of goods or cash.

B. Purchasing, disbursement of cash, and shipment of goods.
C. Misappropriation of company assets.
D. Fraudulent reporting of company results.
2. With regard to fraudulent financial reporting, subsequent year net income can be inflated
by:
A. Recording revenues too soon.

B. Recording bogus revenues.
C. Shifting current expenses to a later period.
D. Shifting future expenses to the current period.
3. True or false: The fact that fraud symptoms are present is a guarantee that fraud exists.
A. True.
B. False.
4. The presence of alleged, forged, or unusual documents may indicate that a fraud has
occurred and is considered a(n) _______ symptom.
A. Analytical.
B. Behavior.
C. Accounting.
D. Organizational structure.
5. An example of an accounting symptom that a company may experience is:
A. A significant rise in the number of overdue or related-party receivables.

B. An employee with recognizably altered behavior such as stress, tension, and
inability to relax.
C. The selection of or changing to more liberal accounting practices.
D. A lack of an audit committee composed of outside members of the board of
directors.
122
6. True or false: Vertical and horizontal analyses are means of analyzing individual
financial statement account balances by converting financial statement numbers to
percentages so that relationships between data are easier to understand.
A. True.
B. False.
7. An unusual or unexpected gross profit margin may indicate that a fraud has occurred and
is considered:
A. An analytical symptom.
B. A lifestyle symptom.
C. An accounting symptom.
D. An environmental symptom.
8. An example of an analytical symptom that a company may experience is:
A. An increase in inventory without a corresponding increase in warehouse, storage,

and handling costs analytical symptom.
B. An employee that seems to be living beyond his means by purchasing expensive
assets.
C. Numerous adjusting entries at year end.
A. Compensation plans that are contingent upon achieving unduly aggressive
profitability.
9. An unexplained change in an employee’s mannerisms, such as nervous or fidgety

appearances, may indicate that a fraud has occurred and is considered:
A. An outsider/related party symptom.

B. A behavior symptom.
C. An internal control symptom.
D. An organizational structure symptom.
10. True or false: Co-workers and immediate supervisors who witness or are aware of
fraudulent behavior often feel uncomfortable in the whistle-blower role and find it easier
to remain silent.
A. True.
B. False.
11. Numerous or unusual subsidiaries and divisions, managerial lines of authority, or

contractual arrangements may indicate that a fraud has occurred and is considered:
A. A lifestyle symptom.
B. An outsider/related party symptom.
123
12. Which of the following symptoms would a strained relationship between management
and its current or predecessor auditors be an example of?
A. A lifestyle symptom.
B. An outsider/related party symptom.
13. An example of an environmental symptom is:
A. Persistent inventory shortages for portable and easily sold items.

B. A company that frequently operates in crisis or rush mode.
C. An increase in variable costs without a corresponding increase in revenue.
D. The lack of an audit committee composed of outside members of the board of
directors.
124
1. The areas of purchasing, receiving, cash receipts, and accounts receivable are the prime
areas to look for fraud in:
A. Receipt of goods or cash. This answer is correct because the prime areas to
look for fraud in receipt of goods or cash are purchasing, receiving, cash
receipts, and accounts receivable.
B. Purchasing, disbursement of cash, and shipment of goods. This answer is
incorrect because the prime areas to look for fraud in purchasing, disbursement of
cash, and shipment of goods are purchasing, shipping, cash disbursements, and
payroll.
C. Misappropriation of company assets. This answer is incorrect because the prime
areas to look for fraud in misappropriation of company assets are inventory,
supplies, equipment, machinery, and fixed assets.
D. Fraudulent reporting of company results. This answer is incorrect because the
prime areas to look for fraudulent reporting of company results are revenues of all
kinds, major expense categories, and assets such as inventory and receivables.
2. With regard to fraudulent financial reporting, subsequent year net income can be inflated
by:
A. Recording revenues too soon. This answer is incorrect because recording

revenues too soon is a way to inflate current year net income, not subsequent year
net income.
B. Recording bogus revenues. This answer is incorrect because recording bogus
revenues is a way to inflate current year net income, not subsequent year net
income.
C. Shifting current expenses to a later period. This answer is incorrect because
shifting expenses to a later period is a way to inflate current year net income, not
subsequent year net income.
D. Shifting future expenses to the current period. This answer is correct
because shifting future expenses to the current period can inflate the
subsequent year net income.
3. True or false: The fact that fraud symptoms are present is a guarantee that fraud actually
exists.
A. True. This answer is incorrect because fraud symptoms may indicate the
existence of fraud but they do not guarantee that fraud exists.
B. False. This answer is correct because fraud symptoms may indicate the
existence of fraud but they do not guarantee that fraud exists. However,
every time there is fraud, one or more of the symptoms are present.
125
4. The presence of alleged, forged, or unusual documents may indicate that a fraud has
occurred and is considered a(n) _______ symptom.
A. Analytical. This answer is incorrect because an example of an analytical

symptom would be a significant rise in the number of overdue or related-party
receivables.
B. Behavior. This answer is incorrect because an example of a behavior symptom
would be an employee with recognizably altered behavior such as stress, tension,
and inability to relax.
C. Accounting. This answer is correct because the presence of alleged, forged,
or unusual documents is considered an accounting symptom.
D. Organizational structure. This answer is incorrect because an example of an
organizational structure symptom would be a lack of an audit committee
composed of outside members of the board of directors.
5. An example of an accounting symptom that a company may experience is:
A. A significant rise in the number of overdue or related-party receivables. This

answer is incorrect because significant rise in the number of overdue or related-
party receivables would be an accounting symptom, not an accounting symptom.
B. An employee with recognizably altered behavior such as stress, tension, and
inability to relax. This answer is incorrect because an employee with
recognizably altered behavior such as stress, tension, and inability to relax would
be a behavior symptom, not an accounting symptom.
C. The selection of or changing to more liberal accounting practices. This
answer is correct because the selection of or changing to more liberal
accounting practices is considered an accounting symptom.
D. A lack of an audit committee composed of outside members of the board of
directors. This answer is incorrect because the lack of an audit committee
composed of outside members of the board of directors would an organizational
structure symptom, not an accounting symptom.
6. True or false: Vertical and horizontal analyses are means of analyzing individual
financial statement account balances by converting financial statement numbers to
percentages so that relationships between data are easier to understand.
A. True. This answer is correct because vertical and horizontal analyses are
means of analyzing individual financial-statement account balances by
converting financial-statement numbers to percentages so that relationships
between data are easier to understand.
B. False. This answer is incorrect because vertical and horizontal analyses are
means of analyzing individual financial-statement account balances by converting
financial-statement numbers to percentages so that relationships between data are
easier to understand.
126
7. An unusual or unexpected gross profit margin may indicate that a fraud has occurred and
is considered:
A. An analytical symptom. This answer is correct because an unusual or

unexpected gross profit margin is considered an analytical symptom.
B. A lifestyle symptom. This answer is incorrect because an example of a lifestyle
symptom would be an employee that seems to be living well beyond his means.
C. An accounting symptom. This answer is incorrect because an example of an
accounting symptom would be the presence of journal entries that are not logical
entries to an account.
D. An environmental symptom. This answer is incorrect because an example of an
environmental symptom would be a company that does not conduct background
checks on all potential employees.
8. An example of an analytical symptom that a company may experience is:
A. An increase in inventory without a corresponding increase in warehouse,

storage, and handling costs analytical symptom. This answer is correct
because an increase in inventory without a corresponding increase in
warehouse, storage, and handling costs is considered an analytical symptom.
B. An employee that seems to be living beyond his means by purchasing expensive
assets. This answer is incorrect because an employee that seems to be living well
beyond his means by purchasing expensive assets is a lifestyle symptom.
C. Numerous adjusting entries at year end. This answer is incorrect because
numerous adjusting entries at year end are an analytical symptom.
D. Compensation plans that are contingent upon achieving unduly aggressive
profitability. This answer is incorrect because compensation plans that are
contingent upon achieving unduly aggressive profitability are an environmental
symptom.
9. An unexplained change in an employee’s mannerisms, such as nervous or fidgety

appearances, may indicate that a fraud has occurred and is considered:
A. An outsider/related party symptom. This answer is incorrect because an example

of an outsider/related party symptom would be the use of several different
auditing firms, legal counsels, and banks.
B. A behavior symptom. This answer is correct because an unexplained change
in an employee’s behavior, such as nervous or fidgety appearances, is
considered a behavior symptom.
C. An internal control symptom. This answer is incorrect because an example of an
internal control symptom is a weakness in the internal control.
D. An organizational structure symptom. This answer is incorrect because an
example of an organizational structure symptom is compensation plans that are
contingent upon achieving unduly aggressive profitability.
127
10. True or false: Co-workers and immediate supervisors who witness or are aware of
fraudulent behavior often feel uncomfortable in the “whistle-blower” role and find it
easier to remain silent.
A. True. This answer is correct because it is true that many frauds go

unreported because co-workers and immediate supervisors who witness or
are aware of fraudulent behavior often feel uncomfortable in the “whistle-
blower” role and find it easier to remain silent.
B. False. This answer is incorrect because on one hand, supervisors and co-workers
feel an obligation to protect company assets, but may feel loyalty to those they
work with as well.
11. Numerous or unusual subsidiaries and divisions, managerial lines of authority, or

contractual arrangements may indicate that a fraud has occurred and is considered:
A. A lifestyle symptom. This answer is incorrect because an example of a lifestyle

B. An outsider/related party symptom. This answer is incorrect because an example
of an outsider/related party symptom would be the use of several different
auditing firms, legal counsels, and banks.
D. An organizational structure symptom. This answer is correct because
numerous or unusual subsidiaries and divisions, managerial lines of
authority, or contractual arrangements is considered an organizational
structure symptom.
12. Which of the following symptoms would a strained relationship between management
and its current or predecessor auditors be an example of?
A. A lifestyle symptom. This answer is incorrect because an example of a lifestyle

B. An outsider/related party symptom. This answer is correct because a
strained relationship between management and its current or predecessor
auditors is considered an outsider/related party symptom.
D. An organizational structure symptom. This answer is incorrect because an
example of an organization structure symptom is numerous or unusual
subsidiaries and divisions, managerial lines of authority, or contractual
arrangements.
13. An example of an environmental symptom is:
128
A. Persistent inventory shortages for portable and easily sold items. This answer is
incorrect because persistent inventory shortages for portable and easily sold items
are an analytical symptom.
B. A company that frequently operates in crisis or rush mode. This answer is
correct because frequently operating in crisis or rush mode is considered an
environmental symptom.
C. An increase in variable costs without a corresponding increase in revenue. This
answer is incorrect because an increase in variable costs without a corresponding
increase in revenue is an analytical symptom.
D. The lack of an audit committee composed of outside members of the board of
directors. This answer is incorrect because the lack of an audit committee
composed of outside members of the board of directors is an organizational
structure symptom.
129
Chapter 6: Fraud Investigation and Audit
Chapter 6 – Fraud Investigation and Audit

Learning Objectives
1. Explain the key elements of a fraud investigation and audit.
2. List the types of evidence gathered and illustrate them through some real-world fraud
cases.
Fraud is like an iceberg. We see only a small part of what has actually taken place. Just as one
must "go under water" to determine the actual size of an iceberg, so a fraud investigator must
probe deeply to discover the true extent of fraud.
The purpose of a fraud investigation is to determine if, in fact, a fraud occurred and, if it did, the
extent of the fraud. To make this determination, there are a number of different types of evidence
that can be gathered and analyzed.
Fraud investigators have classified the different types of fraud evidence into four major
categories: documentary, people, personal observation, and physical evidence. Each of these
four types of evidence is discussed in this chapter. Before the evidence types are discussed,
however, this chapter discusses the fraud investigation process and fraud examination theory.
The Fraud Investigation Process
As mentioned in Chapter 5, companies that want to detect fraud should be on the lookout for
fraud symptoms. When symptoms are noted, they should be investigated. The purpose of the
investigation is to gather sufficient evidence to determine whether or not a fraud actually
occurred.
In investigating fraud, it is important to remember that the mere occurrence of one or more fraud
symptoms does not indicate that a fraud has, in fact, occurred. The symptom often has a very
logical explanation other than fraud.
Great care should be exercised during an investigation. Investigations can be time-consuming

and disruptive. Questions are raised and people want answers. Employee productivity can suffer
as employees spend time wondering about the investigation, its outcome, and the aftermath.
Great care also needs to be exercised in determining who is a suspect and who should be
investigated. It can be very traumatic to be investigated. Once people realize who is the target
of an investigation, the rumors and innuendos start flying. Questions are asked about the person,
and suspicions are raised in the minds of family members, business associates, and community
members. Some suspects who are confronted with allegations or investigation findings are
unable to handle it and have suffered heart attacks, emotional breakdowns, or they commit
suicide.
If a fraud investigation is handled badly, one or more of the following undesirable things might
happen.
• Employee morale can be damaged significantly.
130
• Innocent people may receive irreparable harm to their reputations. This may result in a
lawsuit.
• The perpetrator(s) are not caught and are thus free to repeat the fraud at the company or
elsewhere.
• The company is unable to prevent similar incidents or recover damages because they never
find out how the fraud was committed and concealed.
Four-Step Investigation Strategy

Fraud investigations begin with a suspicion that a fraudulent action has occurred. Those
perpetuating the fraud do their best to hide it. The investigator must examine whatever evidence
is available and hope it leads to more evidence. Thus, these bits and pieces of evidence must be
added up in an attempt to establish the amount taken. This is often accomplished best by using
the following four-step process.
Step One -- Problem Recognition and Definition

The objective of this phase is to determine if there is sufficient cause, or predication, to
investigate the fraud symptom(s). Predication is defined as the totality of circumstances that
would lead a reasonable, prudent, and professionally trained person to believe a fraud has
occurred, is occurring, or will occur. Note that predication is not proof that a fraud or even
overwhelming evidence exists; it is merely sufficient reason to warrant a fraud investigation.
Before beginning a formal investigation, management approval must be obtained because a fraud
investigation can be disruptive and quite expensive.
Step Two -- Evidence Collection

Once predication is established, evidence is collected in an attempt to determine if, in fact, a
fraud did occur. Evidence is gathered to determine:
• What was stolen or misrepresented, and the amount or extent of the theft or
misrepresentation;
• Who committed it;
• How they committed it;
• When the fraud was committed;
• Why it was committed; and
• Where the fraud took place.
One way to organize fraud information so that all of the above-mentioned fraud elements are
considered is to use a vulnerability chart. Exhibit 6-1 shows a vulnerability chart for three
separate frauds: a theft of a customer deposit, an inventory theft, and an overcharge on goods.
For each of these three frauds it shows:
131
• Missing assets;
• Individuals who could have taken the assets;
• Ways the theft could have occurred;
• Methods the perpetrator could have used to conceal the fraud;
• Methods the perpetrator could have used to convert the assets to cash or
personal use;
• Observed symptoms;
• Possible motivating pressures;
• Probable rationalizations used by the perpetrator; and
• Internal controls that were probably compromised in committing the fraud.
132
Exhibit 6-1
Vulnerability Chart
Source: Fraud: Bringing Light to the Dark Side of Business, by W. Steve Albrecht, Gerald W.
Wernz, and Timothy L. Williams, p. 145.
133
To avoid arousing suspicions and implicating an innocent suspect, it is customary in evidence-

gathering to:
• Begin using investigative techniques that are not easily recognized;
• Involve as few people at the beginning as possible;
• Gradually work inward toward the prime suspect, until he or she is finally
confronted in an interview; and
• Refer to the "investigation" by using less intimidating words, such as audit and
inquiry.
Step Three -- Evidence Evaluation

In this step, the evidence collected is evaluated to determine whether it is sufficient to effectively
evaluate and report the fraud.
Evidence is not gathered to render an opinion on whether a fraud took place, nor is it gathered to
"prove" the fraud, because that can only be done in a court of law.
However, the evidence must be evaluated to determine if it is complete and accurate. If the
evidence is deemed insufficient, then more evidence may need to be gathered. The evidence can
also be evaluated to determine the company's best course of action (go to court, get the
perpetrator to confess, etc.).
Step Four -- Report Findings

The final phase of the fraud investigation is writing up the results. This can be both challenging
and demanding because the fraud report is often the only evidence available to support the fraud
investigation. The report is very important since lawsuits are often won or lost based upon the
quality of the fraud report.
Characteristics of a Fraud Report

Some important characteristics of a quality fraud report are:
• Accuracy;
• Timeliness;
• Comprehensiveness;
• Impartiality;
• Clarity; and
• Relevance.
A fraud report should never contain a conclusion or opinion as to whether a fraud actually took
place. When a case goes to court, the fraud report is admitted as evidence. If it contains
opinions and conclusions, the defending attorney can attempt to use them to show prejudice
toward the client.
Fraud Examination Theory

In order to investigate frauds efficiently, the investigator must:
• Examine the available facts;
• Make some assumptions;
134
• Develop a hypothesis using as many of the who, what, when, where, why, and
how elements as possible;
• Gather the evidence needed to test the hypothesis to see if it is accurate; and
• Refine and improve the hypothesis.
This approach gives the investigation structure and direction and helps the investigator avoid an
uncoordinated, ill-defined, and inefficient investigation. It is especially important to use this
approach when the fraud is large or complex. Without a hypothesis, an investigator strikes out
blindly, hoping to stumble onto evidence of importance.
Example: Suppose that CLR Corporation received an anonymous tip on its fraud
hotline saying that Kimberly Miles, a sales manager, was conspiring with
one of its customers, Ashton Industries.
Company administrators decide that the tip is sufficient predication to

proceed with a fraud investigation.
An investigator could hypothesize the following:

• Kimberly is in a position to do something that can benefit
both herself and Ashton Industries.
• The benefit to Ashton Industries must be something that
Kimberly has the power to grant, either legally or illegally.
That might be approving the sale of goods at reduced prices
or granting Ashton credit on goods they never return.
• Kimberly is benefiting somehow, possibly by receiving a
kickback.
• If Kimberly is receiving a kickback, she is probably
spending it to pay off a debt or to buy luxury items.
Based upon these hypotheses, the investigator could:

• Examine Kimberly's personnel file to determine if she had
or now has financial difficulties. Since this is a normal
audit step, this can easily be done without Kimberly's
knowledge and without arousing the suspicion of others.
• Search public records and other sources to gather evidence
about the suspect's lifestyle and spending habits. While
this is not a normal audit procedure, it can be done without
the suspect's permission or knowledge.
• Analyze sales trends and prices to determine if special
prices are being granted to Ashton. Likewise, credit memos
and receiving reports of returned goods can be examined.
Again, this is a normal audit step that will not arouse
suspicions.
• Perform surveillance or other covert operations. When
properly performed, this can be accomplished without
arousing suspicions.
135
• Conduct interviews. This is usually when the suspect

learns of the investigation. However, a suspect is less
likely to know he or she is under investigation if people
that he or she is not close to are interviewed first. This
avoids creating undue stress or suspicion in the suspect's
mind and also protects the suspect if evidence later reveals
no involvement.
As the investigation progresses, people closer and closer to the suspect are
interviewed. Among them are other customers and present and former
sales personnel (to see if Kimberly or people at Ashton had ever
approached them with under-the-table deals). Care must be taken to not
interview anyone who may be colluding with Ashton Industries or
Kimberly.
Simultaneously, Kimberly and Ashton Industries buyers should be

interviewed. If Kimberly is guilty and the investigator can show that the
evidence against her is overwhelming, there is a good chance she will
confess to the fraud.
Evidence
Evidence is something that can help prove or disprove the facts of a fraud case. Documents,
testimony, objects, and facts can all be used as evidence.
The quality of evidence gathered can make or break a fraud case. For example, the evidence
gathered can be so pervasive that the perpetrator is convicted of fraud. On the other hand, the
evidence can be so weak that the case is dismissed. It is important to note that in between those
two extremes are many gradations of evidence pervasiveness.
It is the responsibility of a fraud investigator to gather as much evidence as possible. Doing so

ensures that the prosecution has a strong case against the perpetrator.
To be legally acceptable as evidence, these items must be:

• Gathered lawfully;
• Competent;
• Objective;
• Relevant; and
• Material to the issues being litigated.
All evidence gathered in a fraud investigation is admissible unless the trial judge decides that an
item of evidence does not meet the above standards. The investigator must be careful to meet all
of the above criteria or else the defense attorney is sure to question an item's admissibility as
evidence.
Most fraud investigators classify evidence into one of the following four types:
• Document evidence;
136
• Physical evidence;
• People evidence -- This includes witnesses, victims, informants, complainants, and
anyone else who can provide information about the fraud; and
• Personal observation.
Document Evidence
One of the most important types of evidence a fraud investigator gathers is document evidence
since it is the largest and the most frequently gathered type of evidence.
To a trained eye, documents can tell a great deal about a fraud. For example, a document can
disclose what happened, who performed a particular function, who authorized the amount of the
transaction, and much more. Documents also contain valuable information that can lead an
investigator to witnesses. The information of a canceled check, for example, can lead to the
teller who cashed it. The teller may remember who came in to cash the check and the
circumstances under which it was cashed.
Documents also provide a paper trail that shows an investigator what happened during each step
as the document was processed.
Documents have a number of distinct advantages. One of those is that they are not plagued with
the problems that attend some witnesses. For example, they do not forget important information,
cannot become flustered or confused during an opposing attorney's cross-examination, lie and
commit perjury, or tell inconsistent stories on different occasions.
Rules for Gathering and Handling Documentary Evidence

Fraud investigators can never be sure how important a particular piece of documentation will be.
Therefore, they ought to treat each piece of documentary evidence with the same care. The
following are 10 general rules about how to care for documentary evidence.
• Retain all documents that may have any bearing on the case.
• Retain the original documents wherever possible. Original copies are considered primary
evidence and are easily admitted as evidence in a trial.
• Do not touch the original documents any more than is necessary. The documents may have
fingerprints, erasures, alterations, etc., which can be harmed or destroyed by handling.
They also may be needed later for forensic analysis.
• Do not change a document's appearance. Do not repair torn or mutilated documents. Do
not bend, fold, mark, or otherwise alter or damage the document in any way. Do not
expose the document to moisture, sunlight, or heat. Do not leave it unprotected at any time.
• Place the originals in a see-through cover that allows them to be viewed and handled
without damaging them. On each cover, mark the date the document was received and the
name of the investigator who received it.
• Make a copy of the original and store the original in a safe place. Use the copy in your
investigation whenever possible.
• Maintain a chain of custody for each document from the time it is received until it is turned
over to the court as evidence. Without this chain, a document may not be accepted by the
courts as evidence. In addition, the opposing attorney will try to show that the document
was altered or tampered with after the investigator received it.
137
o To create the chain, write a memo when it comes into your hands and every time
there is a change. The memo should show when the document was received and
from whom it was received.
• Where it is not possible to obtain physical possession of an existing original document,
make a copy of it. Copies are considered secondary evidence and are only permissible as
evidence when:
o The original has been lost or destroyed by someone other than the party
introducing it as evidence;
o An adverse party has control of the document and it can not be obtained;
o A public office has custody of the document; or
o A summary of the document is required because the original is too large to allow
it to be carefully examined.
• Develop a filing system that allows you to quickly find the documents you need.
Documents can be filed by witness, by transaction, or chronologically. For example, in the
Lincoln Savings and Loan case, the judge placed millions of documents in a document
depository. All interested parties could draw from the depository as needed.
• Create a database containing the following information:
o The date the document was created and the date it was received;
o The source of the document;
o The subject of the document and a brief description of its contents; and
o A number that identifies the document.
Obtaining Documentary Evidence

There are a number of ways to obtain possession of documentary evidence.
• Voluntary consent -- Many of the companies and people being investigated have
nothing to hide and will willingly provide fraud investigators with the documentary
evidence they need. Consent can either be oral or written, with written consent
preferred when the document is obtained from an adverse company or witness.
• Subpoena -- Documentary evidence in the possession of a third party may be difficult
to obtain without a court order. For example, bank and brokerage records, as well as
tax returns, usually require a subpoena from a court or grand jury. Failure to turn
over records when requested by a subpoena is punishable by law.
• Search warrant -- These are issued by a judge when there is probable cause to
believe the records are being used or have been used in committing of a crime. Search
warrants are not granted easily and are usually only used in criminal cases. They are
executed by law-enforcement officials.
Validating Documentary Evidence

Since documentary evidence plays such a large role in most fraud cases, opposing attorneys
often question the authenticity of a document or claim that it has been altered. Such documents
are called questioned documents, and a document examiner is usually called in to examine it.
Types of Document Analysis

Document examiners perform many different types of document analysis. The following are
some of the most common.
• Handwriting analysis -- To determine if a handwritten document or signature is genuine.
138
• Typewriter and printer analysis -- To determine if a document was written or printed by a

particular machine (all typewriters and printers are different).
• Alteration analysis -- To determine if a document has been doctored or altered. They look
for additions (inserts between lines or added words, sentences, or paragraphs) and deletions
(erasures or obliterations).
• Ink analysis -- To determine if all the ink on a document came from the same pen or pencil,
or to determine the age of the ink or lead.
• Paper analysis -- To determine if paper a document is written on is the same texture,
thickness, color, and opacity as the other pages.
In addition, document examiners are sometimes hired to restore a document that has been torn,
mutilated, or burned.
Finding Documentary Evidence

There are a number of ways to find documentary evidence.
• Chance or accident -- Sometimes fraud examiners stumble onto documentary
evidence. Often, an informant or anonymous tip will lead to the discovery of the
evidence.
• Audits -- During the course of an audit, auditors search for and accumulate
documentary evidence. These documents can be used in the fraud investigation.
The company can also request special audits that produce additional evidence for
the investigation.
One specific audit procedure, discovery sampling, is frequently used in fraud

audits. Discovery sampling helps a fraud investigator quantify the probability that
there are not any fraudulent items in a given population. To use discovery
sampling, the investigator selects a random sample from the population and
examines every item to see if it is valid or fraudulent.
The investigator can determine the sample size by looking at a discovery

sampling table, such as the one in Exhibit 6-2.
Example: Suppose the investigator wanted to be 98-percent sure that not more than
one percent of the population contains a fraudulent item.
To determine the sample size, refer to Exhibit 6-2 and do the following:
• Since the table columns indicate the rate of occurrence in the
population, we select the second column from the right (an
occurrence rate of one percent).
• Look down that column until 98 percent is found.
• Move to the left to reach the leftmost column, which contains a
sample size of 400.
• Then, if 400 randomly selected items are audited and no evidence
of fraud is found, the investigation can be 98-percent sure that the
true population fraud rate does not exceed one percent.
139
Exhibit 6-2
Discovery Sampling Table
Probability (percentage) of including at least one error in the sample
Rate of Occurrence in the Population (percent)

Sample
Size 0.01 0.05 0.1 0.2 0.3 0.5 1 2
50 2 5 9 14 22 39 64
60 1 3 6 11 16 26 45 70
70 1 3 7 13 19 30 51 76
80 1 4 8 15 21 33 55 80
90 1 4 9 16 24 36 60 84
100 1 5 10 18 26 39 63 87
120 1 6 11 21 30 45 70 91
140 1 7 13 24 34 50 76 94
160 2 8 15 27 38 55 80 96
200 2 10 18 33 45 63 87 98
240 2 11 21 38 51 70 91 99
300 3 14 26 45 59 78 95 99+
340 3 16 29 49 64 82 97 99+
400 4 18 33 55 70 87 98 99+
460 5 21 37 60 75 90 99 99+
500 5 22 39 63 78 92 99 99+
800 8 33 55 80 91 98 99+ 99+
1,000 10 39 63 86 95 99 99+ 99+
1,500 14 53 78 95 99 99+ 99+ 99+
99
2,500 22 71 92 99 + 99+ 99+ 99+
Evidence can also be found by accessing public and private records. The next section discusses the
public records that are available and the information they contain.
Public Records
It is often necessary during a fraud investigation to find out information about people and
companies. For example, a fraud investigator might want to find out about the lifestyle and
spending habits of a person suspected of fraud.
Investigators typically have to hunt down this information themselves because:

• They do not want to alarm a suspect who turns out to be innocent;
• They do not want to tip off a guilty suspect; and
• Many suspects, especially those who are guilty, will not divulge this information
willingly.
In searching for information about others, it is important to obey privacy laws. However, obeying
these laws does not preclude anyone from finding out a great deal about a person or company by
140
searching public records. Some laws require that records of certain financial transactions be
disclosed and subject to review by the public.
There are many different sources of very valuable financial information, and they should be one of
the first items that a fraud investigator checks out. Public records are available from private
companies and the federal, state, and local governments.
Public Databases
Public databases contain a wealth of information, such as:
• Backgrounds of individuals;
• Bankruptcies;
• Employment histories;
• News stories about a person or company in newspapers and magazines;
• Real estate owned;
• Tax assessments on personal property;
• Tax liens; and
• Uniform Commercial Code (UCC) filings.
No listing of investigative databases would be complete, since new ones are created frequently.
However, a few of the more useful are listed below:
• CompuServ;
• Dialog;
• Dow Jones;
• Lexis/Nexis;
• Newsearch;
• Newsnet;
• Prentice-Hall Legal and Financial Services;
• Redi-Data Services; and
• Westlaw.
Credit Records
The Fair Credit Reporting Act was passed in 1971 to regulate the activities of credit, insurance,
and employment investigations. The law requires these companies to provide individuals with
any information the companies provided to a third party.
A number of companies have developed databases containing a wide variety of credit

information. They use publicly available information and also obtain information from other
organizations such as insurance and credit-card companies. These records are a good source of
information for people's names, family members, addresses, age, income, expenses, purchases,
payment schedules, and buying habits.
Federal Government
The federal government maintains an amazing amount of information on its citizens. Some of
the data is available to private fraud investigators and some is available only to law-enforcement
agencies. Having access to this data is only one of many good reasons to involve law-
enforcement agencies in fraud investigations.
141
• Department of Defense -- This department maintains records on everyone who has

ever served in the military. Therefore, it is a good source for current and past addresses
of those who have or are serving in the military. The agency also keeps records of
anyone who might be a threat to national security.
• Department of Health and Human Services -- This department is responsible for
substance abuse, mental health, Medicare and Medicaid, food and drugs, and Social
Security. Social Security information is especially useful in an investigation. A
person's Social Security number can be used to tap many other information sources. It
can also tell you where the person was living when the number was issued to them.
• Department of Justice -- This department is in charge of the following four agencies,
each of which has databases with large quantities of valuable information:
o Bureau of Prisons;
o Drug Enforcement Administration (DEA);
o Federal Bureau of Investigation (FBI); and
o Immigration and Naturalization.
The Justice Department also administers the offices of the U.S. Attorney and the
U.S. Marshal.
The FBI maintains the National Crime Information Center (NCIC), an electronic
database that contains information on a wide variety of stolen items, missing
persons, and people wanted on outstanding warrants. The FBI also maintains the
Interstate Identification Index, which is an offshoot of the NCIC. It is maintained
for the benefit of state and local law enforcement agencies and contains nationwide
information on arrests and criminal records.
• Department of Labor -- This department maintains records of worker's
compensation benefits.
• Department of State -- This department maintains passport and visa information. A
special office keeps track of everyone investigated for passport fraud.
• Department of the Treasury -- This department is in charge of the following four
agencies, each of which has databases with large quantities of valuable information:
• Bureau of Alcohol, Tobacco, and Firearms;
• U.S. Customs;
• Internal Revenue Service (IRS); and
• U.S. Secret Service.
• U.S. Postal Service -- The postal service has inspectors that investigate fraud using
the mail. Since most frauds make use of the postal service at some point, federal mail
statutes are important investigation tools. Most postal inspectors are eager to help and
easy to work with.
• Central Intelligence Agency (CIA) -- The CIA maintains records on people
applying for work in governmental agencies and on U.S. citizens employed in foreign
countries.
State Government
State governments also have resources that are useful to fraud investigators.
142
• State Attorney General -- This state office cooperates with local agencies to enforce all civil
and criminal state laws. Most states have an investigative division called the State Bureau of
Investigation.
• Comptroller's Office -- This office investigates violations of local tax laws.
• State Corrections Departments -- This department maintains records of all those who have
been imprisoned or placed on probation or parole.
• Alcoholic Beverage Control -- This board investigates violations of state and local
alcoholic-beverage laws.
• Secretary of State -- This office maintains a wealth of business records that reveal when an
organization was incorporated, its initial officers and board of director members, its principal
shareholders and business affiliations, and whether the corporation has paid its taxes. It is
especially useful in trying to identify dummy corporations, trace assets, determine conflicts of
interest, and evaluate changes in financial status. It also maintains Uniform Commercial
Code filings that contain information on loans and mortgages on personal property,
collateral on the loans, the organization loaning the money, and the company's or the
individual's bank.
• Department of Motor Vehicles -- These records can be accessed to obtain a person's name,
address, picture, date of birth, and driving history.
• Department of Business Regulation -- This department maintains records about people who
need a license or permit to work in their professions. These records provide business
addresses, professional credentials and specializations, and any investigations or complaints
about the individual.
City and County Records

Fraud investigators can find a great deal of valuable information about people and companies in
city and county records.
• County Clerk -- This office maintains voter registration records, which contain a person's
name, family members who also vote, current and past address, age, unlisted phone number,
birth date, signature, and Social Security number.
The county clerk also maintains marriage-license records, which contain

much of the voter registration information plus the addresses of the
parents, driver’s license numbers, passport numbers, prior marriages, and
witnesses to the marriage.
• County Land Office -- This office maintains records of all the real estate in the county. For
each parcel of land, the records show the present and former owners, any indebtedness, the
mortgage holder, and trustees. These records sometimes reveal the identity of the seller, the
broker, and the attorneys involved in the transaction.
• Tax Assessor -- This office maintains property-tax records, which contain the property's legal
description, assessed value, and whether the taxes were paid.
• Law enforcement -- The police, sheriff, and county constable's offices maintain information
on arrests, indictments, convictions, incarceration, and probation.
• Courts -- The courts maintain information on bankruptcies, divorces, property settlements,
lawsuits, wills, and probate. These records may contain information about a suspect's lifestyle,
living expenses, debts, and inheritances.
143
Net Worth
The most popular method for determining the amount of money a perpetrator stole is a net-worth
calculation. It is a circumstantial rather than a direct method of proving that illicit income exists.
The technique is especially useful when the perpetrator receives cash or funds that cannot be
traced directly to them. The higher the percentage of illicit income to total income, the more
valuable the method is.
Net worth analysis reveals discrepancies between reported income and expenditures. The logic
behind the analysis is that one cannot spend more than one makes. These discrepancies can be
uncovered using either the asset method or the expenditure approach.
Asset Method
The asset method uncovers inconsistencies in revenue and expenses when the perpetrator uses
illicit income to purchase assets. For example, a $25,000-a-year bank clerk cannot afford a 40-
foot yacht and a Porsche convertible unless there has been a large inheritance.
Expenditure Method
The expenditure method is used when the illicit income is spent on expensive living, travel, and
entertainment, rather than to buy assets such as cars and boats. For example, the above-
mentioned bank teller could not afford to eat at expensive restaurants every night and take
multiple trips to South America and Europe.
Net-Worth Calculation and Formula

Net-worth analysis requires the investigator to put together a financial profile of the suspect
before and after the suspected fraud. At both periods of time, all material assets and liabilities,
all sources of income, other sources of funds (loans, asset sales, etc.), and all material expenses
must be determined. Exhibit 6-3 lists typical assets, liabilities, sources of funds, and
expenditures. It also lists some questions that investigators should answer about these items.
Exhibit 6-3
Financial Profile Checklist
Typical Assets For each significant asset, determine:

Cash on hand Jewelry • When was it acquired and from whom?
Residence Clothing • How much did it cost?
• How was it paid for (currency, check, cashier’s
Real estate Collectibles check, etc.)?
Bank accounts Insurance • What source of funds was used to acquire it?
• What documentation exists for the purchase and
Stocks and bonds Home furnishings where is it?
Automobiles Boats
Typical Liabilities For each significant liability, determine:
Mortgage(s) • What was the original amount of the liability?
Other loans • What is the present balance due?
Lines of credit • When was the liability incurred?
144
Credit cards • What was the purpose for the loan or debt?
• How were the proceeds used and where were they
Accounts payable deposited?
Taxes • What security, if any, was given for the debt?
Alimony, child • What documentation exists for the transaction and
support where is it?
• Was the debt written off as a bad loan for tax
purposes?
• Who was the creditor or lender?
Typical Sources of Funds For each source of funds, determine:
Salary Insurance proceeds • What was the total amount during a given period?
Commissions and
Gifts fees • What was the source?
• How was it paid for (currency, check, by other
Rental income Awards means)?
Dividends Inheritances • Where were the funds deposited?
Disability
Interest payments • How was it spent?
Sale of assets • What documentation exists and where is it?
Typical Expenditures For each major expenditure item, determine:
Rent and mortgage Clothing • What was the total amount spent?
• How was it paid for (currency, check, credit card,
Health costs Utilities etc.)?
Interest on loans Food • Where were the funds obtained to pay the expense?
Credit cards Insurance • What documentation exists and where is it?
Car payments Travel • When was the payment made?
Source: Financial Investigation: A Financial Approach to Detecting and Resolving Crimes,

Department of the Treasury, Internal Revenue Service.
The information needed for net-worth analysis is found by examining the public and private
records mentioned earlier. This information can be supplemented by interviewing vendors from
whom the subject purchased items.
The net-worth method is frequently used in fraud investigations. For example, the DEA uses it
to determine whether suspected drug dealers have illegal income from illicit sources. The IRS
uses it in tax-fraud cases to estimate a taxpayer's unreported income. The FBI also uses it.
The net-worth method produces a conservative calculation of the amount of money the
perpetrator has taken. As a result, it is readily accepted as documentary evidence in a court of
law.
The net-worth method is also very useful for obtaining perpetrator confessions. In an interview,
the investigators ask the perpetrators questions about financial status. When they catch the
perpetrators in enough lies, they reveal the information gathered and their calculations. The
145
perpetrators usually recognize that the investigators know both the financial situation and that
they have spent more money than they earned. They also realize it is futile to try and lie their
way out of the situation, and they confess.
The basic formula for the net-worth calculation is as follows:
+ Assets
– Liabilities
= Net worth
Net worth
– Net worth in prior period
= Net-worth increase
Net-worth increase
+ Living expenses
= Income
Income
– Funds from known sources
= Funds from unknown sources
Exhibit 6-4 is an illustration of the use of the net-worth method to calculate the amount of
money a person took from the company. The figures in the illustration were found using many
of the public records discussed above.
You will note from looking at this figure that:

• The perpetrator took an estimated $113,000; and
• The money was used to buy a new $50,000 sports car, pay off $50,000 of his
mortgage and the rest of his debts, and stash an additional $9,000 in his bank
account.
Exhibit 6-4
Net-Worth Analysis
Year 1 Year 2
ASSETS AT COST SOURCES OF FUNDS Year 2
Cash 1,000.00 10,000.00 Salary 37,000.00

Home 150,000.00 150,000.00 Sale of old car 3,000.00
Cars 5,000.00 50,000.00
Investments 1,000.00 1,000.00
TOTAL ASSETS $157,000.00 $211,000.00 TOTAL SOURCES OF FUNDS $40,000.00
146
LIABILITIES LIVING EXPENSES
Mortgage 125,000.00 75,000.00 Mortgage payment 12,000.00

Car loan 4,000.00 - Auto loan payment 1,000.00
Credit Card balances 4,000.00 - Other living expenses 28,000.00
TOTAL LIABILITIES $133,000.00 $75,000.00 TOTAL LIVING EXPENSES $41,000.00
NET WORTH $24,000.00 $136,000.00
Net-Worth Calculation
Net worth year 1 $24,000.00

Net worth year 2 (136,000.00)
Net worth increase 112,000.00
Living expenses 41,000.00
Income 153,000.00
Funds -- Known sources (40,000.00)
Funds -- Unknown sources $113,000.00
Vertical and Horizontal Analysis

Vertical and horizontal analysis, which was described in Chapter 5, is also used to develop
documentary evidence.
People Evidence
People in and out of the defrauded company are sources of evidence for fraud investigators.
Perpetrators do not live in a vacuum; they interact with others who are most likely to see a
change in their behavior. The people with whom the perpetrator interacts may notice that the
perpetrator has purchased a new home, car, or expensive toys or that they are hiding something
or acting strangely. For whatever reason, these people may actually know what the perpetrators
are doing or have strong suspicions. These are the people the fraud investigator wants to find.
One of the challenges of a fraud investigation is finding these people. Some may come forward
voluntarily; others may anonymously provide the information; and still others will not divulge
what they know until they are interviewed or interrogated. The last three of these are discussed in
this section.
Hotlines and Informants

For a hotline to be successful, it must possess the following:
• A guarantee of anonymity, to open up lines of communication and allay fears of
reprisal.
• Call-back ability, so the investigator can get additional information from the
tipster. Since most callers will not leave a number, they can be encouraged to call
back.
• Experienced phone operators to maximize the amount of information given by the
tipster and to screen out calls without merit.
147
• It should prompt investigations to show employees that the tips are taken
seriously by management. Such investigations can also keep the trail from
“getting cold.”
• Awareness campaigns, so employees are made aware of and periodically
reminded of the hotline and its guarantee of anonymity.
• Top management support, so everyone in the organization takes the hotline
seriously.
Interviews
An interview is a systematic questioning of people who might know something about a fraud. It
is one of the most important tools in the fraud investigator's tool bag. Interviews are used to
obtain the following:
• Information about the essential elements of the fraud;
• Information about a witness's personal background and motives;
• Cooperation from victims and witnesses; and
• Leads to witnesses or other evidence to help build the case.
Types of Interviewees
An investigator will interview the following three distinct types of people.
• Cooperative interviewees -- These people are overly helpful, and the investigator
must carefully determine their motives. Do the interviewees have a sincere desire to
help? Are they trying to get even with the suspect? Are they trying to direct attention
away from themselves as suspects?
• Neutral interviewees -- They have no hidden motives or agendas. They have nothing
to gain or lose from the interview and are usually the most helpful and objective of all
the interviewees.
• Hostile interviewees -- They are often associated in some way with the suspect or the
crime. They are the most difficult to interview and normally should be interviewed
without prior notice. The element of surprise makes it harder for hostile interviewees to
prepare defenses.
Interview Phases
A good interview has three distinct phases.
• Introduction -- The purpose of the interview should be clearly stated. Background
information about the person is obtained as is a commitment to cooperate with the
investigation.
• Body -- Here is where the person is questioned to determine the facts of the fraud. The
interviewer should make every effort to find out as much about the who, what, when,
where, why, and how of the fraud.
• Close -- The investigator should thank interviewees for their cooperation. The
investigator should also ask for leads by asking if there is anything else to discuss or
anyone else to talk to.
Interview Guidelines
The following guidelines, if followed, will produce the most useful interviews.
148
• Carefully plan the interview to maximize the information received and minimize the time
conducting it.
• Determine in advance as many facts as possible about the fraud and the person being
interviewed.
• Determine when to conduct the interview. If the interviewee is believed to be cooperative
or neutral, set up an appointment. The best interview location is the interviewee’s place of
business since there is greater access to any needed papers, books, or people. Look for a
room where distractions from colleagues and telephones can be eliminated or minimized.
Allow more than enough time for each interview.
• Select a room that is as bare as possible. Do not have a desk or other physical barrier
between you and the person being interviewed. This provides the investigator with a full
view of the body posture and language of the suspect. Sit approximately four to five feet
away from the interviewee. Stay seated; do not walk around the room.
• Interview one person at a time and inform each interviewee ahead of time of any
information that will be needed in the interview.
• Conduct the interview in a professional manner. Remember that you are seeking the truth,
not trying to get a confession or a conviction.
• Ask short questions that are clearly and easily understood. Avoid asking yes and no
questions; instead ask questions that require narrative answers. Do not ask leading
questions that suggest part of the answer.
• Concentrate on the interviewee's answer rather than the next question you plan to ask.
Make sure you understand the answer before you continue.
• Control the interview. Do not allow interviewees to wander, get you sidetracked, confuse
the issue, or not answer important questions.
• Be courteous, respectful, and polite and do not talk down to the person. Do not be
authoritarian or attempt to dominate the interview. Be friendly but maintain a professional
distance.
• Be sensitive to personal matters such as gender, race, religion, and ethnic background.
Avoid politically incorrect language, and do not use technical jargon.
• Be sympathetic, where appropriate, and tell the person that anyone might have done the
same thing if the circumstances were the same.
• Do not take notes during the interview. Ask permission to tape the interview.
• Ask the interviewee to provide the factual basis for conclusions.
• Thank the interviewee for taking the time and trouble to cooperate.
Stages of Those Affected by Fraud

Interviewers who understand how people are affected by a fraud are more effective than
interviewers who do not. Most people are shocked to learn that a fraud has taken place at the
company. When the fraud is brought to light, most go through denial, then anger, rationalization,
depression, and finally acceptance. Each of these stages is now briefly discussed.
• Denial -- A person's first reaction to any crisis is denial. People manifest their denial by
refusing to accept that the fraud occurred, insisting that there is some mistake, acting stunned
or dazed, or being unable to comprehend what took place. The denial phase is dangerous to
149
the company since it provides the perpetrator with time to hide, change, or destroy
documentary evidence.
• Anger -- Once people realize that a fraud actually did take place, they become angry. Their
anger may cause them to strike out at those around them and to say and do things they later
regret. Sometimes this results in lawsuits for slander, libel, assault, battery, or wrongful
termination. For obvious reasons, this stage is not a good time to try and investigate or resolve
frauds.
Example: One angry fast-food restaurant manager suspected an employee of

stealing. He called the police and had him handcuffed and dragged out of
the store in front of customers. The employee was innocent and won a
$250,000 lawsuit. Some guilty perpetrators have won legal settlements
larger than the amounts they embezzled.
• Rationalization -- In this stage, people try to explain away or minimize the fraud. They
rationalize that:
o The fraud was not all that bad;
o The perpetrator must have had a good reason; or
o The perpetrator is a good person who made a mistake and deserves a second
chance.
o Interviews during this stage can lack objectivity, make finding the truth difficult,
and harm prosecution efforts. The rationalizations lead to a decision not to
prosecute, to weak testimonies and to easy penalties.
• Depression -- As a person realizes the fraud is more than just a little mistake, a period of
depression sets in. This is often caused by a sense of loss, disappointment, or embarrassment.
If people withdraw, lose interest, or become uncooperative, they may not be willing to help
with the investigation. Interviews in this stage are often not as useful as those in the
acceptance stage.
• Acceptance -- Most people affected by a fraud eventually accept what happened, put it
behind them, and move on. The acceptance stage can be reached faster and easier by
explaining the perpetrator's motivations and sharing the facts surrounding the fraud.
Interviews in this stage are the most useful since witnesses are the most willing to help and
cooperate.
Interrogation
An interrogation is a structured interview of a suspect or target for the purpose of obtaining a
voluntary and legally binding confession of guilt.
• Purposes -- An interrogation has three main purposes:
o To obtain an admission of guilt. However, many fraud perpetrators do not
confess during an interrogation.
o To identify and neutralize any defenses the perpetrator may raise.
o To obtain information that can be used to impeach the perpetrator.
Information impeaching a suspect's honesty is almost as good as a
confession.
150
The difference between an interview and an interrogation is that an interview is

conducted to obtain information about the fraud, while an interrogation is
conducted to obtain a confession or information that can impeach the suspect.
Investigators can move from one to the other. For instance, an interview can turn
into an interrogation if the investigator begins to suspect the interviewee is guilty.
Likewise, an interrogation can turn into an interview if the investigator perceives
the interviewee not to be guilty.
The suspect is usually the last person the investigator interviews. An investigator
cannot be too prepared for this interrogation since the strength of the case may
depend heavily on a confession or evidence to impeach the suspect. The
interrogation should only be conducted when:
o As much information as possible has been gathered from sources other
than the suspect;
o There is evidence that only the suspect can provide; and
o The investigator is able to control the time and place, as well as the subject
matter of the interrogation.
The investigator should follow the interview guidelines mentioned above. In

addition, the investigator must be very patient since getting a person to confess
guilt is not easy and takes time. The investigator should also follow the
traditional guidelines listed below.
o Make sure the suspect voluntarily consents to the interrogation.
o Allow the suspect to terminate the interrogation when desired.
o Never make suspects feel as though they are trapped, such as by locking
the interview room.
o Never deny suspects the right to consult with an attorney or have one
present during the interrogation.
o Whenever possible, never have anyone other than the suspect in the room.
• Techniques -- There are a number of techniques the investigator should use when
guilt is reasonably certain.
o The investigator should begin by introducing himself or herself and
explaining why he or she would like to talk to this person.
o Help suspects get used to answering questions by asking about their
background. Also try to pick up leads in case the suspect later refuses to
cooperate. While asking these nonthreatening questions, carefully look
for suspicious behavior.
o Politely, but directly and without qualification, confront the suspect and
observe the reaction. If the suspect strenuously denies the allegation, that
is often a sign of innocence. A passive reaction by the suspect could be an
indication of guilt.
o Provide suspects with a morally acceptable excuse for their behavior. The
intent is for the suspect to be able to say "It was okay for me to do it
because … " If the excuse is accepted, this may be an indication of guilt.
151
o If guilt is denied, show the evidence. Suspects never confess as long as

they are still denying guilt. Again, provide a morally acceptable
rationalization for the behavior.
o If the suspect does not accept the rationalization, offer alternate
rationalizations and ask about guilt again in a nonoffensive way.
o If that does not work, try to get the suspect to explain the behavior. Try
for a partial admission of guilt because that often leads to a full admission
later on.
o Try to catch the subject lying about some aspect of the fraud. Suspects
lose confidence when they realize you know when they are lying.
o If the suspect does confess, assure the suspect that it is the right thing to
do. Keep the suspect talking and try to get all the details.
o Write the confession down. Be sure to include the suspect's reason for
committing the fraud. Do everything possible to get the suspect to sign
the confession before leaving.
o End the interrogation on a positive note because the suspect's cooperation
may be needed in the future. Suspects are more likely to cooperate later if
they believe the investigator is not out to hurt them.
In order for an interrogation to be successful, the fraud investigator must confront

perpetrators in a positive way and provide them with an "out" (rationalization for their
behavior). People who commit fraud need a safe harbor, and the fraud investigator must
provide this. The investigator should minimize the crime and maximize the sympathy
offered to the perpetrator.
Personal-Observance Evidence
Most auditors use observation as a means of gathering evidence in their audits. For example,
they observe the client taking inventory and test count it. Fraud investigators also observe items
or activities of interest. However, they expand the observation evidence to include surveillance,
undercover operations, and invigilation.
Surveillance
Surveillance is the secret and continuous observation of persons, places, and things to obtain
information about the identity and activity of individuals suspected of fraud. It provides
evidence that is probably not available through any other means.
The objectives of surveillance are to:

• Obtain information and evidence regarding the fraud;
• Develop investigative leads;
• Catch perpetrators in the act of committing the fraud;
• Obtain sufficient evidence for a search warrant to be obtained; and
• Identify people who are colluding with or helping the perpetrator.
Surveillance can be stationary, such as a stakeout, where the investigator does not move,
or it can be a moving surveillance, where the investigator follows the subject moving
152
from place to place. Electronic surveillance is the use of some sort of electronic device,
such as a hidden tape recorder or video camera.
Great care should be used to make sure that surveillance does not violate applicable
privacy laws. It is a good idea to receive clearance from human resources and the legal
department before using surveillance as a tool in a fraud case.
Undercover Operations
In an undercover operation, a person assumes a new identity in order to gather information about
a fraud. These operations require a high degree of skill and planning to be successful. Done
properly, they can produce a great deal of information and evidence. If the surveillance
backfires, someone could get hurt or the company could blow its whole case.
An undercover operation is best used when there is collusive fraud on a large scale that cannot be
investigated thoroughly in any other way. It is wise to use or consult law-enforcement agencies
in undercover operations.
Searches
Searching a suspect's desk, locker, or other work area can produce valuable evidence. However,
improper searches can open an investigator and the company to many charges. These charges
include assault, battery, false imprisonment, invasion of privacy, slander, defamation, wrongful
or abusive discharge claims, or grievances and arbitration in a union environment.
To avoid these problems:

• Consult legal counsel before conducting any searches.
• Develop a policy allowing you to search ALL company property. Have
employees read and sign it. Give them a copy and keep a copy in the employee's
personnel file.
• Post the search policy where employees will see it and include it in all company
handbooks and policy statements.
• If appropriate, clear the search policy with company unions.
• Do not conduct the search in the presence of other company employees.
• Conduct the search on company time and in a dignified and reasonable manner.
• Do not touch employees.
Invigilation
Invigilation is a process of observing and controlling company activities so closely for a period
of time that fraud is virtually impossible. Company results before or after the period of
invigilation are then compared to the results during the fraud.
Example: A gasoline distributor suspected it was losing fuel in an inventory fraud. It

hired a virtual army of guards for a 30-day period to patrol the plant so
closely that fuel could not leave without the guards knowing about it.
After the invigilation, investigators compared the before-invigilation

orders of its customers to their orders during invigilation. Two gas
153
stations went from ordering 2,000 gallons a month to almost 19,000

gallons. The orders of these stations were monitored after the invigilation
period and within a few months their orders were back down to 2,000
gallons. A surveillance using night cameras caught the stations receiving
stolen gasoline. An examination of their books showed they had colluded
with a company employee to defraud the distributor out of 62,000 gallons
of gas.
Invigilation can, however, be a time-consuming and expensive investigative technique. As a

result, it is usually not used unless other investigative techniques fail. The following guidelines
help maximize the use of the technique:
• Obtain top management approval for the operation.
• Determine exactly what the invigilation should accomplish.
• Restrict the invigilation to a specific and self-contained area.
• Review the records of the area to be controlled during the invigilation to become
more familiar with its normal operations.
• Determine beforehand exactly which controls are needed to prevent the fraud
during the invigilation period.
• Conduct the invigilation for a minimum of two weeks.
Physical Evidence
Physical evidence is the least-used type of evidence in a fraud investigation. In other crimes, it
involves the examination and analysis of items such as murder weapons, drug paraphernalia, etc.
A fraud investigation can sometimes involve the examination and analysis of things like:
• Fingerprints;
• Broken locks;
• Physical objects, such as stolen inventory;
• Substances, such as grease and fluids;
• Traces, such as paints and stains; and
• Impressions, such as cutting marks and tire tracks.
Case Study
Directions:
1. Review the information.
2. Use the space provided for your notes.
The Facts:
The property/casualty insurance industry estimates that 10 percent of the $200 billion in annual
claims payouts is bogus. Insurance and law-enforcement officials say that the profits from fraud
are enormous and the chance of prosecution is usually small. Consider the following three types
of scams:
1. Staged car accidents, in which con artists hire people to cause a collision so they can
inflate legal and medical bills.
154
2. Faked deaths, especially those taking place overseas. Desktop publishing systems are
used to create authentic-looking copies of death certificates. In Long Beach, Calif., these
certificates had a street value of up to $1,000. In addition, for the right amount of money,
officials in some countries are willing to hand out death certificates.
Example: In an actual incident, one father tried to collect on a $10,000 insurance

policy on his son who supposedly died in a taxi accident in Mali. An
investigator found his son playing in his grandfather's yard. The official
who signed the death certificate admitted signing it without seeing the
body.
3. Inflated property-loss claims, such as in the following example:

• Transamerica Insurance received a $90,000 claim from E. Vincent Leather
Goods, a luggage retailer. A fire that killed two people also destroyed a third of
its inventory and damaged its building. Domenick Casati, the owner of Vincent
Leather, hired Seymour Berson, a public adjuster, to prepare its case and present it
to the insurance company. Berson's fee for such cases sometimes reached 33
percent of the settlement amount. Transamerica hired an independent salvage
company to inspect the damage. Joseph Rigney, the salvage-company employee,
claimed that the inventory was so badly damaged it could not be salvaged.
Dennis Stern, a claims adjuster for Transamerica, disagreed with the claim
amount and reduced it by several thousand dollars before signing off on the claim.
Unfortunately, the actual loss was only about $10,000, and the claim was inflated by
more than $80,000.
The fraud was detected when the storeowner's son let it slip to Transamerica's
broker that the claim was inflated. The ensuing investigation revealed that
Berson, Rigney, and Stern were all linked to several other suspicious claims.
Investigators got the storeowner to confess to his part of the scheme and to tape
Berson saying that if everyone "kept their mouths shut," Transamerica would
suspect nothing and pay the claim. With the scam falling apart, Casati, Berson, and
Stern plea-bargained; Rigney was convicted of fraud.
The Justice Department, the Postal Service, and the IRS undertook a massive
investigation into these types of property losses. What did the investigation
uncover?
• The U.S. Postal Inspector on the case stated that he had never seen such pervasive
fraud in his 21 years as an investigator.
• More than 100 defendants were accused of cheating insurance companies out of
more than $500 million by fabricating or inflating claims; over 90 have been
convicted.
• Insurance claims adjusters admitted to taking bribes of up to $75,000 per claim.
Case Questions:
155
1. What red flags might indicate a fraudulent life insurance claim?
2. Why is the property/casualty claims adjusting process highly susceptible to fraud?
3. What can insurance companies do to increase the likelihood of detecting bogus claims?
4. How could computers be used to detect bogus claims?
Suggested Solutions -- Case Study

1. The following red flags indicate that a claim may be fraudulent:
a. Death occurred overseas. In places such as Haiti and Zaire, political turmoil
makes investigations difficult and false death certificates easy to get.
b. Lack of physical evidence. Fake claims often state that the body was cremated.
c. Papers are in perfect order. Relatives of someone who dies often do not know
what insurance paperwork is needed. A red flag is raised when the beneficiary
quickly provides all of the required documentation.
2. The property/casualty claims adjusting process is susceptible to fraud for the following
reasons:
a. Claims of less than $50,000 are rarely investigated.
b. Insurance companies are forced to rely on independent contractors over whom
they have little control to estimate the damages.
c. There are few checks on employee honesty and there are many opportunities to
commit fraud.
3. Insurance companies can take the following steps to detect fraudulent claims:
a. Pay attention to details such as photos that do not show the reported damage and
water beaded up on surfaces days after an accident supposedly happened. (Note:
One investigator found two claims to totally different insurance companies that
had the exact same damage photos.)
b. Pay special attention to water damages, as they are a common theme of many
property/casualty claims. (Note: One public adjuster had a plumber install a
urinal in a business so employees could break the connecting pipes and cause
water damage.)
c. Inspect more claims sites.
4. Computers can be used in the following ways to detect fraudulent claims:

a. Develop a program that flags suspicious claim patterns or statistical anomalies
such as:
• Does a particular adjuster file a disproportionate number of water claims?
• Does the pairing of a particular adjuster and salvage inspector result in an
unusual number of decisions to leave the damaged goods with the
policyholder?
156
b. Create massive databases using law-enforcement and insurance company records.

For example, the National Insurance Crime Bureau (NICB) has gathered 300
million records. Their investigators search for suspicious claims that have the
same doctor, lawyer, address, or driver’s license number. Since the insurers who
fund NICB do not share information directly, they avoid privacy and anti-trust
issues.
The Sarbanes-Oxley Act of 2002
How the Sarbanes-Oxley Act of 2002 Impacts the Accounting Profession

President George W. Bush signed the Sarbanes-Oxley Act on July 30, 2002. The Act, which has
a significant effect on the accounting profession, applies to publicly held companies and their
audit firms. The biggest impact of the Act is on all CPAs who audit publicly traded companies,
especially the largest accounting firms.
However, there is concern that there will be a cascade effect. Of special concern is the possibility
that the Act may influence other federal and state legislative or rule changes. That could result in
Sarbanes-Oxley requirements trickling down and directly affecting small businesses, nonpublic
companies subject to other regulations, and the CPAs that provide services to them.
The most important aspects of Sarbanes-Oxley Act are discussed as follows.
Public Company Accounting Oversight Board

Sarbanes-Oxley created a new Public Company Accounting Oversight Board (PCAO
Board). The PCAO Board will oversee and investigate the audits and the auditors of
public companies. Details of the PCAO Board are as follows.
• Composition -- The SEC appoints and oversees the five full-time PCAO Board members
to five-year terms. Three of the five PCAO Board members must not be and cannot have
been CPAs (they are known as the “Non-CPA members”). The remaining two must be or
have been CPAs (they are the “CPA member”). The chairperson can be a CPA member,
but cannot have practiced accounting during the five years preceding the appointment.
PCAO Board members can be removed by the Commission “for good cause.” Salaries of
the PCAO Board members are in the range of $400,000 per year and above.
• Funding -- The PCAO Board is funded in several ways. Public companies will pay
mandatory fees and accounting firms that audit public companies must register with the
PCAO Board and pay registration and annual fees.
• Standard setting -- For public company audits, the PCAO Board will set standards for
audit-firm quality controls. They can do this by setting the standards themselves or by
adopting standards set by other groups or organizations, such as the FASB, ASB, etc. The
PCAO Board is to set standards for services such as auditing and other related attestation
services, quality control, ethics, independence, and any other standards that are necessary
to protect the public interest. All public accounting firms that assist in the preparation or
issuance of any audit report must register with the PCAO Board.
• Investigative and disciplinary authority -- The Sarbanes-Oxley Act gave the PCAO
Board the following powers:
o The power to regularly inspect the operations of registered accounting firms.
157
o The power to investigate potential violations of securities laws, standards,

competency, and conduct. During these investigations, the PCAO Board has the
power to require registered accounting firms to testify or produce documents.
They can also request information from relevant persons outside the firm. In
certain circumstances, and with SEC approval, the PCAO Board can also
refer investigations to the Department of Justice, state attorneys general, or
state boards of accountancy.
o The power to sanction firms and individuals for violations of laws,
regulations and rules. Sanctions can be imposed for a number of reasons,
including noncooperation, violations, or failure to supervise a partner or
employee in a registered accounting firm. The PCAO Board can impose
the following sanctions:
• Revocation or suspension of an accounting firm's registration;
• Prohibition from auditing public companies; and
• Imposition of civil penalties.
• International authority -- In one of its more controversial parts, the
Sarbanes-Oxley Act requires foreign accounting firms: (i) to be subject to
the authority of the PCAO Board if they prepare or furnish an audit report
involving U.S. registrants; and (ii) to supply their audit workpapers upon
request to the PCAO Board or the SEC if a registered U.S. accounting firm
relies on the opinion of the foreign accounting firm.
New Roles for Audit Committees and Auditors

Sarbanes-Oxley changed the relationship between accounting firms and their publicly held audit
clients.
• Auditors now report to and are overseen by the company's audit committee, not
company management. All audit committee members must be independent members
of the board of directors.
• All audit and nonaudit services provided by the auditor must be preapproved by the
audit committee.
• The auditor must report the following new information to the company’s audit
committee:
o Critical accounting policies and practices to be used;
o Alternative treatments of financial information within GAAP that have
been discussed with management;
o Accounting disagreements between the auditor and management; and
o Other relevant communications between the auditor and management.
• Sarbanes-Oxley statutorily prohibits the following eight services and makes it
unlawful for an auditor to provide them to a publicly held client company. (Services
other than those banned are allowed if the audit committee preapproves them):
o Bookkeeping;
o Information systems design and implementation;
o Appraisals or valuation services;
o Actuarial services;
o Internal audits;
o Management and human-resources services;
158
o Broker/dealer and investment banking services;

o Legal or expert services unrelated to audit services; and
o Other services the PCAO Board decides to prohibit.
• On public-company engagements the lead audit partner as well as the audit-review
partner must be rotated every five years.
• Accounting firms are not allowed to provide audit services to public companies if
one of their company's top officials was employed by the accounting firm and
worked on the company's audit during the previous year. Top officials would
include the CEO, Controller, CFO, Chief Accounting Officer, and other such
officers.
Criminal Penalties
Sarbanes-Oxley created several penalties.
• Individuals who willfully fail to maintain audit and review workpapers for at least five
years can be convicted of a felony, with penalties of up to 10 years. The law instructs the
SEC to establish a rule covering the retention of audit records. The PCAO Board is to issue
standards that compel auditors to keep other documentation for seven years.
• Destroying documents in a federal or bankruptcy investigation is a felony, with penalties of
up to 20 years.
• Securities-fraud criminal penalties were increased to 25 years.
• The statute of limitations for the discovery of fraud was changed. It is now extended to the
earlier of two years (rather than one) from the date of discovery and five years (rather than
three) after the act.
• Sarbanes-Oxley bans personal loans to executives and directors.
• The Act prohibits insider trading during blackout periods.
• Directors, officers, and 10% owners must report certain transactions by the end of the
second business day following the day on which the transaction was made.
• A violation of the Sarbanes-Oxley Act or of any SEC or PCAO Board rule is treated as a
violation of the SEC Act of 1934.
• Employees of public-companies and accounting firms are given “whistleblower protection”
when they lawfully disclose private employer information to certain parties when there is a
fraud claim.
Financial Reporting and Auditing Process Additions

With respect to financial reporting and auditing processes, issuers of public stock and their
auditors must follow certain new rules and procedures.
• Every public-company audit report must undergo a thorough second partner review and
approval.
• Management is now required to assess the effectiveness of the company’s internal-control
structure and procedures and make representations about them.
• All audit reports must attest to management’s assessment of the company's internal-control
structures. The audit report must also include a specific notation about any significant
weaknesses or any material noncompliance found during the tests.
• Every public-company must state whether or not it has adopted a code of ethics for senior
financial officers.
159
Business and Industry CPAs

CPAs in business and industry are also impacted by the Act, as CEOs and CFOs are now
required to certify company financial statements and have new requirements regarding enhanced
financial disclosures. Top management also has greater responsibilities with respect to
communicating and coordinating with corporate audit committees.
Recent Accounting Scandals
The Collapse of Enron Corporation

How could America’s seventh-largest company (the sixteenth largest in the world) go from
billions of dollars in revenue to one of the largest corporate bankruptcies in United States history
in a matter of months? In the wake of Enron’s downfall, thousands of employees have become
jobless with worthless pensions, one of the former Big Five accounting firms, Arthur Andersen,
has utterly crumbled, and hundreds of American companies using aggressive accounting
methods have been affected. In sum, the entire ambit of financial-statement reporting has come
under scrutiny -- all due to the catalytic disclosure of Enron’s corrupt accounting practices.
A Rocky Start to Rocketing to the Top

Enron Corporation was formed in July 1985 as the result of the merger of Houston Natural Gas
and InterNorth of Omaha, Nebraska. From the company’s inception, Enron was saddled with
considerable debt acquired from the merger. Furthermore, natural-gas pipelines had just been
federally deregulated and Enron no longer had exclusive rights to its pipelines.
Struggling to cope with the new forces of the marketplace, Enron realized it was necessary to
change its business strategies in order to turn a profit. The company resorted to assistance from
the consulting firm of McKinsey and Company. There, a young consultant named Jeffrey
Skilling was given the task of improving Enron’s approach. Skilling was indeed the remedy to
Enron’s woes; in fact, he came up with an innovative plan that revolutionized the gas-pipeline
business.
Skilling created the idea of a “gas bank” in which Enron would purchase gas from a ring of
suppliers and then sell it to a group of consumers. The price and supply were both guaranteed in
the form of a contract, and Enron extracted fees for transactions and for assuming the risks. This
idea of the energy derivative immediately took off, and Enron’s CEO, Kenneth Lay, rewarded
Skilling’s ingenuity by making him head of the newly created Enron Finance Corporation in
1990.
Enron soon became one of the world’s leading energy, commodities, and service companies by
marketing electricity and natural gas, delivering energy and other physical commodities, and
providing financial and risk-management services to customers around the world.2 By the early
1990s, Enron Corporation had established itself as one of the largest corporations in the United
States and was a favorite of Wall Street as the leading trader of electricity in the nation. On the
2001 Fortune 500 list, Enron ranked seventh with revenues of $101 billion in the year 2000.3 In
2
www.enron.com.
3
www.fortune.com.
160
early January 2001, shares of Enron stock were trading for slightly more than $80 a share, and
the market capitalization of the company was around $60 billion.
Cracks Appear
Enron’s success of the 1990s would not last, however. The company’s good fortune really began
to sour at the beginning of 2001, and the company hit rock bottom on December 2, 2001 when it
voluntarily filed for Chapter 11 reorganization with the U.S. Bankruptcy Court for the Southern
District of New York. To date, Enron’s $63 billion filing is one of the largest corporate
bankruptcies in United States history.
What led to this demise of such massive proportions? First of all, Enron’s corporate culture
made conditions ripe for wrongdoing. The company adopted a diehard obsession with being the
best, and that obsession was filtered down through the ranks. Enron sought out the best
employees and the brightest recruits, while showering them with limitless merit-based bonuses.
The perks of being affiliated with one of the world’s top corporations, however, did not come
without a price. Pressure to deliver solid earnings was exuded through every facet of the
company. Performance reviews became little more than profit-assessment evaluations where
employees were sized up through a merciless ranking system. Internal competition and secrecy
reigned wildly and the burden of delivering immediate tangible profits caused the company to
value instant earnings rather than slowly maturing deals.
Enron’s financial difficulties started in the late 1990s when the company incurred millions of
dollars of investment losses. Despite the company’s apparent financial difficulties, Enron
executives began to look for ways to hide the company’s losses instead of getting financial help
and making early, full public disclosures. This was done to meet Wall Street’s demand for
smoothly growing earnings and to keep the company’s stock price rising. Enron employed all
kinds of tactics to remove assets from its books, and executives started running mysterious off-
balance-sheet partnerships. Assets were taken off Enron’s books and parked with partnerships
controlled by Enron executives.4 Debt was taken on by the related partnerships and then ignored
in Enron’s audited financial statements.5 Enron disclosed as little as possible about these
partnerships, and financial-statement users were left with a set of highly complicated financial
statements that were difficult to understand.6 In short, Enron was cooking the books.
Enron’s partnerships were only part of the financial scandal. Enron was also overly aggressive
in its use of mark-to-market accounting. Mark-to-market accounting entails pricing securities at
their fair value and running gains or losses through the income statement. While mark-to-market
accounting is not illegal in and of itself, it creates the potential for abuse and manipulation of the
financial statements, especially when companies have no benchmark of fair value. Enron’s long-
term energy contracts were priced in an illiquid market where there was no benchmark of fair
value. As a result, Enron often relied on internal models to determine the fair value of its
securities, which created the potential for abuse and manipulation of the financial statements.7
Under grueling pressure to deliver ever-higher earnings, Enron‘s valuation estimates probably
4
Stewart, Thomas. “Two Lessons From the Enron Debacle,” Business 2.0, December 5, 2001.
5
Schonfeld, Erick. “Enron is Dead. Long Live Enron,” Business 2.0, December 7, 2001.
6
McLean, Bethany. “Why Enron Went Bust,” Fortune, December 24, 2001.
7
McLean, Bethany. “Monster Mess,” Fortune, February 4, 2002.
161
significantly overstated earnings. In fact, in 2000 unrealized trading gains made up more than
half of Enron’s stated $1.41 billion pretax profit.8
Exacerbating the Downward Spiral

It did not help matters that Enron’s competitive edge was beginning to dull during the last years
of the 1990s. Companies with clout began copying Enron’s unique strategy and filled the
industry with Enron clones competing against each other. By the end of 2000, the firm’s huge
profit margins were becoming a thing of the past. Consequently, energy prices were beginning
to tumble as the year 2001 began, and a world recession was on the horizon. This squelched the
opportunities for taking advantage of market volatility and making massive, swift trading gains
that Enron had so easily capitalized on in the past.
Driven to diversify, Enron clung to the notion of being the world’s largest trading market for
every type of industry it entered. Unfortunately, Enron also overextended itself in many areas
and was too arrogant to admit defeat. Take Enron’s lofty venture into broadband, for example.
In January 2000, Enron went public with its plan of constructing a high-speed broadband
telecommunications network. The ill-fated firm figured it could cash in on the Internet
technology boom by trading bandwidth just as it had built a grandiose empire around energy
trading. While Enron dumped millions and millions of dollars into the project, the investment
sustained a stingy return. Wall Street, however, turned a blind eye to this fact, and instead
rewarded the venture with an even higher stock price. Fortune and other magazines repeatedly
praised Enron as one the most admired companies in the world.
Exposing the Antics

Enron’s creative accounting went on for a few years (from as early as 1995 to 2001), despite
warnings from several individuals both inside and outside the company that something was
going on. For instance, in February 2001 an Arthur Andersen memo to David Duncan, the
manager in charge of auditing Enron’s books, expressed concern about Enron and indicated that
discussions had taken place about the company’s substantial related-party transactions. Later in
October, Duncan led efforts to shred thousands of Enron audit documents and to erase a slew of
electronic files in keeping with the company’s once-obscure document-retention policy. This
frenzied effort to destroy sensitive documents was conducted after the Securities and Exchange
Commission requested information for an informal investigation of Enron.
Perhaps more telling than the Andersen memo was a letter sent to chairman and CEO Kenneth
Lay in August 2001. Sherron Watkins, Enron’s vice president of corporate development, sent the
letter to Lay expressing concern that Enron would “implode in a wave of accounting scandals.”
Watkins complained about the “veil of secrecy” that surrounded the so-called special-purpose
entities in which Enron masked hundreds of millions of dollars of debt and investment losses.
She also indicated that company officials “consistently and constantly” complained about the
company’s accounting practices to former Enron CEO Jeffrey Skilling. The letter raised
questions about Lay’s knowledge of the company’s inner workings. Lay reacted to the letter
with concern and surprise and assured Watkins he would look into the matter. He asked Enron’s
8
Thomas, C. William. “The Rise and Fall of Enron,” Today’s CPA, March/April 2002.
162
law firm, Vinson and Elkins, to look into the matter, but Enron suggested the lawyers should not
“second-guess the accounting treatment” given by the company’s auditor, Arthur Andersen.9
In a testimony before the House Energy Commerce Committee on February 14, 2002, Watkins
expanded on what she wrote in her August 2001 letter by saying that Skilling had considerable
knowledge about the controversial private partnerships run by the firm’s former chief financial
officer, Andrew Fastow. Watkins also testified that she believed Mr. Skilling and Mr. Fastow,
along with the accounting firm Arthur Andersen and Enron’s legal counsel, Vinson and Elkins,
duped Kenneth Lay and the board of directors.10
In October 2001, Enron announced a third-quarter loss of $638 million and indicated that its
value was $1.2 billion less than had previously been reported. In November 2001, Enron
restated its earnings since 1997, reducing profits by nearly $600 million.
For the next couple of years, the Enron fraud sparked lengthy investigations into many aspects of
the company, several of which are still unresolved. On March 11, 2002, the chairman of the
Commodity Futures Trading Commission indicated that the government would investigate
whether Enron Corporation committed fraud or manipulated markets through improper trading.
The Justice Department, the Securities and Exchange Commission, and a dozen congressional
committees are still investigating Enron, its accounting practices, and the influence Enron’s
longtime auditor Arthur Andersen had on Enron’s accounting practices. The Labor Department
is investigating Enron’s actions in banning employees who lost their retirement savings from
selling stock in their §401(k) plans for about three weeks. Finally, the Federal Energy
Regulatory Commission is examining energy-price manipulation by Enron and other traders in
Western wholesale power markets,11 especially since former Enron energy trader Jeffrey S.
Richter pleaded guilty in February 2003 to criminal conspiracy while attempting to manipulate
California’s energy markets during its 2000-2001 electricity crisis.
What About the Board?

Doubt has also rightfully fallen on Enron’s board of directors. Many inquiring minds marvel
how the board could be so ignorant of the company’s shady tactics or so paralyzed to act. A
panel of Senate investigators wondering the same questions released a report in July 2002 of
their inquiries. In their findings, members of the subcommittee concluded that Enron’s board
members not only knew about Enron’s risky accounting practices, but they also could have
prevented many of them, as well as the pervasive debt-hiding and conflicts of interest.
In January 2005, 10 of the 18 former directors settled a class-action lawsuit by agreeing to pay a
total of $13 million from their own pockets. This sum is rather meager considering that the group
sold shares worth $250 million prior to the collapse of the company.
Furthermore, findings show that the compensation committee gave its stamp of approval on
issuing Ken Lay a $7.5 million credit line while allowing him to pay back those loans with
company stock. No board member seemed to catch on to the suspicious fact that Lay cashed out
9
Dizikes, Peter. “Arthur Andersen Fires Chief Enron Auditor,” www.Abcnews.com, January 15, 2002.
10
Douglass, Linda and Yesner, Stephen. “Enron Whistle-Blower Rips Execs in Congress,” www.Abcnews.com, February
14, 2002.
11
Gordon, Marcy. “Government Investigates Enron Trade Fraud,” www.Newsday.com, March 12, 2002.
163
$77 million worth of Enron stock in a single 12-month period. Other conclusions prove that the
board was told as early as 1999 by its auditing firm, Arthur Andersen, that Enron was “pushing
the limits” of accounting practices.12 While the board was cleared of any disciplinary action by
the SEC in September 2002, it still has a lot of explaining to do. Inquiries into the actions and
inactions of Enron’s board of directors have simply turned up more and more blame.
A Painful Lesson
Enron’s auditing firm, Arthur Andersen, on the other hand, has undergone severe punishment in
the aftermath of the Enron fiasco. In April 2002, David Duncan pleaded guilty to obstruction of
justice for his document-shredding shenanigans. Six months later, in October 2002, Arthur
Andersen was sentenced to five years probation and fined $500,000 for obstruction of a federal
investigation of Enron, the maximum penalty dictated by law. A few years later (May 2005),
this sentence was overturned by the Supreme Court. While Andersen eventually won its case, it
seems highly unlikely that it can ever return to is level of prominence in the accounting industry.
Andersen still faces civil suits from its Enron audits, as well as suits from other former clients.
However, the recent Supreme Court ruling may make it easier for Andersen to defend itself. The
federal Enron Task Force could also invoke further prosecution if it determines that the people
managing and reporting Enron’s earnings can be charged with stock manipulation.
The tarnished reputation of the former Big Five accounting firm has cost the company more than
penal fines, however; the conviction has stripped Arthur Andersen of its entire core business. As
of August 31, 2002, Andersen ceased auditing public companies, and the firm currently employs
a meager 200 workers, down from the 28,000 workers it employed at its peak. The flames of the
Enron inferno have almost single-handedly sucked the life out of the 89-year-old firm.
Arthur Andersen is not the only entity that has been punished for its dishonesty. In September
2003, Ben Glisan Jr., former Enron treasurer, pleaded guilty to conspiracy charges and became
the first former Enron executive to be sent to jail. Glisan was sentenced to five years.
On October 31, 2002, Andrew Fastow, former Enron CFO, was indicted on 78 counts for
devising the accounting practices that artificially inflated Enron’s profits. Fastow’s wife Lea,
along with seven other former executives, was also charged on May 1, 2003 for taking part in
some of her husband’s deals. The pair pleaded guilty on January 14, 2004, after striking an
agreement: Andrew pleaded guilty to conspiracy in a deal and received a 10-year sentence (later
reduced to six years) with a requirement to help in the ongoing investigation, while his wife
admitted guilt in filing false tax forms and received a 12-month prison sentence. In addition,
Andrew Fastow settled civil charges with the SEC by surrendering more than $23 million in civil
and criminal penalties.
In November 2006, two Enron executives received reduced sentences after helping prosecutors
convict the architects of Enron’s accounting fraud. Mark Koenig, the former investor-relations
head, received a sentence of 18 months. He pleaded guilty in August 2004 to one count of aiding
and abetting securities fraud and could have served as many as 10 years in jail. Michael Kopper,
who was at one time the top lieutenant to Andrew Fastow, was sentenced to just over three years
in jail. He pleaded guilty to money-laundering and conspiracy to commit wire fraud in 2002 and
12
Byrne, John A. “No Excuses for Enron’s Board,” Business Week, July 29, 2002.
164
could have faced up to 15 years in jail. Both men were fined $50,000 each, and after prison will
be on probation for two years.
The indictments have not stopped there. On January 22, 2004, Richard Causey, former chief
accountant at Enron, was indicted on six counts including conspiracy and fraud charges. Causey
pleaded guilty on December 28, 2005 to securities fraud. In exchange for cooperating with the
government he received only a five and a half year prison sentence, which he started serving at
the beginning of 2007. After serving his time in prison, he will be on probation for two more
years and will pay a $25,000 fine, to go along with the additional $1.5 million that he has already
agreed to pay or forfeit.
A month after Causey’s indictment in 2004, Enron’s former CEO Jeffrey Skilling was finally
indicted after over two years of investigation. Skilling was indicted on 35 counts including
insider trading, conspiracy, securities fraud, and wire fraud. In July 2004, Lay was charged with
and pleaded not guilty to 11 criminal counts. He immediately went on the offensive, holding a
press conference to proclaim his innocence. He laid the blame for the company’s downfall on
former CFO Andrew Fastow.
In May 2006, Skilling and Lay were both convicted of conspiracy and fraud. However, Lay died
from a heart attack on July 5, 2006, and his convictions were dropped, since he did not have a
chance to appeal. It appears that Lay’s estate will get to keep all of his Enron proceeds unless
civil court proceedings change things. In May, Skilling was convicted in federal court on 19
counts. He was sentenced in October 2006 to over 24 years in jail, but it now appears that he
may serve much less time in jail, since the Fifth Circuit Court of Appeals has criticized many of
the verdicts against Skilling. However, it is unlikely that all 19 counts will be dropped, so he
will face some time in prison.
The Enron web of deceit has also continued to grow as more and more companies have found
their entanglements with the firm coming to light. For example, in September 2002, a complaint
was filed in the federal court in Houston citing the role of Merrill Lynch and Company in
knowingly aiding a bogus transaction to boost Enron’s quarterly earnings. In November 2004,
five former executives from Enron and Merrill Lynch were convicted of conspiracy and wire
fraud. Because their crimes cost the company at least $12 million, each could receive a 12-year
jail sentence. Later, in December 2002, it was revealed that Citigroup and J.P. Morgan Chase
helped Enron hide debt or avoid taxes in previously undisclosed deals.
Although some firms have had to pay for their participation in the Enron fraud, others have been
able to escape liability from the class-action lawsuit. In December 2006, a $1 billion claim
brought against investment firm Alliance Capital Management LP, now known as
AllianceBernstein LP, was dismissed. The claim had to do with alleged fraud relating to its
underwriting of Enron securities. Then in March 2007, a federal court ruled that Enron
shareholders could not continue with a class-action lawsuit against banks and other firms for
their alleged participation in Enron’s accounting fraud.
Internal employees were not the only ones deeply affected by the company’s collapse. In July
2004, Enron was granted approval to be removed from bankruptcy protection, under a plan that
165
grants creditors a return of a mere $.20 on the dollar from their investments. Shareholders,
however, will receive absolutely nothing.
Regardless of how all the investigations and negotiations turn out, one thing is for certain: the
Enron case taught the world an alarming lesson about the comprehensiveness and subtleties of
fraud, as well as the consequences and penalties of greed. Fortunes, companies, and lives have
been shattered as a direct result of allowing wily accounting mechanisms to compensate for
simple honesty. Fortunately, public disgust and outrage has helped create new legislation and
regulations to crack down on corporate fraud. Hopefully, with these new procedures in place,
the corporate world can work to ensure that Enron does not repeat itself somewhere else.13
The Rise and Fall of WorldCom

On the outside, the rise of WorldCom seemed to be the ultimate tale of success. After all, when
a business evolves from a loose idea on a coffee-shop napkin into a multibillion-dollar company
in less than two decades, it must be doing something right. Unfortunately for WorldCom, it was
also doing many things wrong, including perpetuating critical accounting irregularities. The
fraudulent actions at WorldCom subsequently led to the undoing of the company, as well as the
largest bankruptcy filing ever in U.S. corporate history.
Origins of the Ill-Fated Company

In a small coffee shop in Hattiesburg, Mississippi, a group of entrepreneurs met one evening in
1983 to discuss an idea for a new long-distance telephone company. Bernard Ebbers, a former
high school teacher and basketball coach and the leader of the group, sketched out the vision of
their discussion -- a company called Long-Distance Discount Service (LDDS). By the end of the
evening, it was proposed that LDDS would function as a long-distance reseller and would begin
providing service in 1984.
LDDS, WorldCom’s predecessor, was created in the months following the coffee-shop meeting.
After a rocky period laced with financial difficulties, Bernie Ebbers became CEO of LDDS in
1985 and took over the helm of the company. Ebbers was a master at cutting costs, and under
his direction the company was steered back on course once again. In August 1989, Ebbers took
LDDS public.
For the next 15 years, LDDS grew through a flurry of acquisitions. Ebbers’ strategy was to grow
his company through buying other firms and adding them to the LDDS stockpile. Helping to
stimulate the telecommunications boom of the 1990s in the process, Ebbers made over 70
acquisitions that often shocked the industry. Unfortunately, this strategy was not infallible;
LDDS funded its purchases through heavy debt that bogged the company down in a massive
mire of loans.
One of Ebbers’ larger acquisitions occurred in 1994 when LDDS purchased IDB WorldCom, the
fourth-ranked carrier of international long-distance calls at the time. LDDS renamed itself
WorldCom Inc. one year later.
13
For more information on the Enron scandal, see the following article: Thomas, C. William. “The Rise and Fall of Enron,” Today’s
CPA, March/April 2002.
166
The Growth Continues

WorldCom continued to expand throughout the latter half of the 1990s. In 1996 Ebbers
resumed his shopping spree by purchasing MFS Communications for $12 billion. This
acquisition combined the company’s local telephone network with the newly acquired UUNet
Technologies Inc., an Internet network. WorldCom has managed one of the most expansive,
wholly owned IP networks in the world ever since.
In 1998 Ebbers used the growth-through-acquisition strategy once more and WorldCom reached
its pinnacle. After winning a bidding war with British Telecom, WorldCom and industry giant
MCI joined forces in a $42 billion merger, the largest merger in history at the time. Operating in
more than 65 countries, the new MCI WorldCom was crowned America’s number two long-
distance phone company.
At the same time Ebbers was expanding WorldCom at such a rapid pace, he was also recklessly
growing his own personal entrepreneurial empire. Borrowing millions at a time from corporate
banks and from WorldCom itself, Ebbers purchased a diverse array of companies. These
companies ranged from an all-terrain-vehicle dealership to a soybean-and-rice farm in Louisiana
to a minor-league hockey team. In 1999, Ebbers purchased 460,000 acres of timberland (an area
large enough to cover half the state of Rhode Island) in the southeastern United States from
Kimberly-Clark for a whopping $400 million. Previously, in 1998, he spent over $65 million to
buy the famous 500,000 acre Douglas Lake Ranch in British Columbia. The purchase
personified Ebbers’ over-the-top business style and breathless yearning for expansion: the
Douglas Lake Ranch is the largest privately held ranch in Canada, complete with 20,000 head of
Hereford and crossbreed cattle, its own general store, and a fly-fishing resort.
All of the expansion experienced by WorldCom, as well as by Ebbers’ personal kingdom, earned
nothing but rave reviews on Wall Street and in the media. WorldCom stock became a darling of
analysts and investors alike with its double-digit growth. Then, in June 1999, the company’s
stock peaked at $64.51 a share. The most sought-after athlete in the world, Michael Jordan,
appeared in WorldCom’s commercials. And CEO Bernie Ebbers was ranked by Forbes
magazine as one of the richest men in America.
Teetering on the Edge

WorldCom’s nationwide domination would not last, however. The ever-burgeoning company
with Ebbers at the reins decided to press its luck once more in October 1999. With its familiar
“bigger by buyouts” imperative, MCI WorldCom announced that it would acquire Sprint
Corporation for $129 billion in stock and debt. This deal would have been the largest corporate
takeover in history had the Department of Justice not stepped in the next year and blocked the
merger.
During this same time period, behind the facade of indefatigable public vigor, WorldCom was
beginning to experience problems. The debt and expenses from WorldCom’s mass acquisitions,
often purchased at inflated prices, were finally beginning to take their toll. Further complicating
the enormous debt bloating the company, the stock market began to fall, along with long-
distance rates and subsequent sales. Taken together, WorldCom’s situation was especially
precarious.
167
Despite these difficult times, WorldCom continued to grow in profitability, at least according to
the firm’s financial statements. Under immense pressure to expand and support its stock price,
WorldCom knew any reversal in this upward trend would not be easily condoned by Wall Street.
As CEO, Ebbers was especially obsessed with keeping the company’s stock price up. He began
meetings with a prayer, immediately followed by a discussion about how to enhance the price of
WorldCom’s stock.
Hiding the Hard Times

For the next two years, WorldCom struggled to remain profitable despite a slowing market.
Ebbers relied heavily on his Chief Financial Officer, Scott Sullivan, during this period. Sullivan,
who joined forces with Ebbers in 1992 when WorldCom bought his company out, had already
established himself as Ebbers’ right-hand man. The two even shared adjoining offices at the
company’s headquarters in Clinton, Mississippi. With a reputation as one of the most renowned
CFOs on Wall Street, Ebbers never made a significant business decision without running it past
Sullivan first.
It was Sullivan who decided to take a more aggressive approach to the company’s accounting
practices as market conditions weakened in the telecommunications industry early in 2001. Not
wanting to let on to the public that WorldCom was struggling, Sullivan sought to dilute reality by
rearranging certain financial-statement accounts. Instead of properly reducing profits, Sullivan
spread costs to a future time when he figured future revenue would roll in and swallow up the
loss.
For example, one of WorldCom’s largest expenses, known as “line costs,” was for transport
charges and renting access to local telephone networks. By booking a part of these line expenses
as a capital expenditure in 2001, WorldCom was able to amortize a monstrous $3.1 to $3.8
billion hunk of these charges over a period of time, possibly as much as 10 years, and come out
with a healthy net income of $1.38 billion. According to generally accepted accounting
principles (GAAP), however, these line costs should have been recorded as an operating
expense. Following GAAP in this case would have required WorldCom to subtract the entire
line-cost expense out of the revenues produced for that quarter, resulting in a loss. Sullivan,
concerned about his company’s image, decided he would take his chances with the creative
accounting.
Suspicions Arise
As WorldCom’s expense-hiding practices continued, most of the public was still hoodwinked
into thinking the company was thriving. However, some astute investors were convinced that
WorldCom smacked of misconduct. In June 2001, a group of WorldCom shareholders formally
filed a lawsuit against the firm. The suit included testimonies from a dozen former WorldCom
employees, who described the same problems that eventually destroyed the company a year later.
Unfortunately, the lawsuit was dismissed.
As the year 2002 unfurled, WorldCom wariness had spread all the way to the Securities and
Exchange Commission (SEC). An inquiry into the company’s accounting practices was soon
underway. Later, in May, the SEC took the company by surprise when it submitted a request for
168
information. Because WorldCom had continued to report a profit throughout 2001 when its
biggest competitors were losing money, suspicion about the firm’s numbers was sufficiently
heightened.
Additionally, the SEC launched an investigation into the loans WorldCom had approved to
Bernie Ebbers for his personal investments. One loan, granted by Max Bobbitt, the head of
WorldCom’s audit committee, was for a hefty $408 million.
On April 30, 2002, Ebbers resigned as WorldCom’s CEO in an attempt to quell some of the
controversy surrounding his company. John Sidgmore, WorldCom’s vice-chairman, replaced
Ebbers and immediately ordered an internal review of the company’s books. WorldCom’s new
outside auditor, KPMG, as well as WorldCom’s internal-audit team, was given the grisly job of
uncovering the truth. (KPMG had replaced Arthur Andersen as WorldCom’s auditor once it
came to light that Andersen was entangled in the Enron scandal.)
Discoveries from the Inside

While the SEC and KPMG were searching for answers, WorldCom’s internal-audit department
was already hot on the trail. Cynthia Cooper, vice president of WorldCom’s internal-audit
department, and her team were slowly piecing together WorldCom’s incongruities on their own.
Beginning in March 2002, Cooper became aware that something was very wrong with her
company’s accounting, and she enlisted her team to find out exactly what it was.
After raising questions about curious financial inconsistencies to various superiors without
getting any convincing explanations, Cooper decided that if she wanted answers she was going
to have to find them herself. Her boss, CFO Scott Sullivan, offered no support. She
immediately told her department that they would begin self-imposed financial audits of the
information WorldCom was reporting to the public even though no one had assigned them this
responsibility.
On May 28, 2002, Gene Morse, one of Cooper’s auditors, discovered $500 million in fraudulent,
undocumented computer expenses that were recorded as capital expenditures. Cooper and her
team continued to dig for more clues. By the first week of June, Morse had uncovered a total of
$2 billion in questionable accounting entries by accessing WorldCom’s computerized accounting
systems. A week later when Cooper casually mentioned the audit she was working on to her
boss to gauge his reaction, Sullivan immediately requested that she delay the audit until the next
quarter. Cooper refused. On June 20, with help from KPMG, Cooper presented her team’s
findings to WorldCom’s board.
It All Comes Tumbling Down

Days after Cooper met with the board, Sullivan was fired. Company controller David Myers,
who also had a hand in the misstatements, resigned. The next evening WorldCom took Wall
Street by surprise and dropped the bomb that it had overstated its profits by $3.8 billion over the
previous five quarters. On June 26, the SEC stepped in and slammed the telecommunications
giant with a civil fraud suit. Trading of WorldCom’s stock came to a screeching halt, and the
company was eventually delisted by NASDAQ.
169
On July 21, 2002 WorldCom declared bankruptcy to the astonishment of absolutely no one.
WorldCom’s Chapter 11 filing eclipsed that of Enron Corporation, from the year before, to
become the largest bankruptcy filing ever in U.S. history. The company listed over $100 billion
in assets with the number of creditors exceeding 1,000. Additionally, WorldCom’s debt was
ballparked at $32.8 billion.
In August, Scott Sullivan and Buford “Buddy” Yates, a former midlevel accounting executive
who carried out Sullivan’s orders, were indicted by the federal grand jury in New York. Both
were charged with one count of conspiring to commit securities fraud, one count of securities
fraud, and five counts of making false filings with the SEC.
By March 2003, five former WorldCom executives had been indicted or charged by Manhattan
prosecutors in connection with the scandal. All pleaded guilty -- except for Sullivan. However,
after 18 months and almost $14 million in attorney fees, Sullivan finally gave in on March 2,
2004 and pleaded guilty to all three counts of securities fraud charged against him. In exchange
for his plea, Sullivan traded the possibility of 165 years in jail if proven guilty for a sentence that
capped jail time to 25 years. At his plea hearing, the former CFO fessed up to investors by
saying “I knew what I was doing was wrong ... I did this in a misguided effort to preserve the
company.”14 Sullivan was later given a five year prison sentence, and he was forced to surrender
his $11 million Florida mansion and his depleted WorldCom retirement account.
Later that same day, another breakthrough in the WorldCom investigation came in the form of an
indictment, this time for former CEO Bernard Ebbers, who had so far staved off charges that he
knew what was going on with WorldCom’s creative accounting. Thanks to Sullivan’s newfound
cooperation, authorities were finally able to secure charges against the former CFO’s boss.
Ebbers’ indictment consisted of the same three charges levied against Sullivan: conspiracy to
commit securities fraud, securities fraud, and making false statements to the SEC. Ebbers
pleaded not guilty.
Ebbers’ trial began in late January 2005. He was convicted on nine counts and received a 25
year prison sentence. The conviction was upheld by an appeals court, so Ebbers, age 64, will
likely spend the rest of his life in prison. The outcome of his trial was important because it
provides insight into how future CEOs, who claim they knew nothing of the wrongdoing within
their corporations, will be dealt with by juries.
In addition to federal charges, the state of Oklahoma filed criminal charges against WorldCom,
Sullivan, Ebbers, and four other executives for violating state security laws in August 2003.
Frustrated at federal investigators for taking so long to punish those most directly involved in the
massive fraud, Oklahoma’s attorney general initiated the charges to bring some justice to
shareholders in Oklahoma and elsewhere. The charges were dropped against the company seven
months later in return for jobs in the state and help in prosecuting former executives.
Dealing with the Aftermath

This painful turn of events was just the tip of the iceberg for WorldCom. Further investigation of
the company has forced WorldCom to gorge on humble pie and make several more financial
14
Berman, Dennis K. “Sullivan Gives In, Pleads Guilty,” The Wall Street Journal, March 3, 2004.
170
restatements. What was once $3.8 billion of financial misstatements soon became $7.2 billion
and then $9 billion in November 2002. The SEC rewarded these corrections with even more
fraud charges expanding the purported types of financial manipulations that occurred. One
additional complaint alleged that WorldCom kept a secret “cookie jar” stash of reserves used to
infuse the bottom line whenever the company needed to offset expenses. On March 12, 2004,
WorldCom restated financial results for 2000 and 2001, reducing pretax income by $74.4 billion.
Fraud was said to account for $10.8 billion of the adjustment.
On November 26, 2002, WorldCom announced that it had reached a settlement with the SEC to
resolve claims from the civil lawsuit regarding WorldCom’s former misguided accounting
practices. The agreement was seen as a significant milestone in the firm’s restructuring strategy.
Days later marked another change for WorldCom: Michael Capellas began his new assignment
as WorldCom’s latest CEO. As former CEO of Compaq Computers, and then president of
Hewlett-Packard Co. after Compaq and HP merged, Capellas came into office pledging to
continue to restructure WorldCom and lead it out of bankruptcy without hawking off large
portions of company assets. Later, on May 20, 2003, the company agreed to pay investors $500
million to settle fraud charges, taking another step toward emerging from bankruptcy.
In March 2003, WorldCom revealed that it would write down $79.8 billion of its goodwill and
other assets-- an action viewed as an acknowledgement that several areas of the firm’s
telecommunications holdings were practically worthless. While WorldCom previously alluded
to making the write-downs, many analysts were surprised by the size of the amounts. The
company’s reductions were second only to AOL Time Warner’s markdowns of almost $100
billion in assets. Following through with the markdowns, however, is another significant step for
WorldCom to recover from bankruptcy: the move allows the firm to shrink its depreciation and
amortization expenses from about $480 million in December 2002, to $143 million.
In January 2005, the company’s lead investment banker, Citigroup, paid $2.65 billion to settle
claims by investors affected by the company’s demise, and 10 former WorldCom directors have
agreed to personally provide $18 million to settle the same lawsuit. This disbursement is
important because it sends the critical message to directors that they can also be held accountable
if they don’t keep a close watch on the workings of their company. In April 2006, Citigroup
agreed to pay $13.25 million to settle a lawsuit that alleged that Jack Grubman, a star
telecommunications analyst at Citigroup, gave overly optimistic research about WorldCom in
order to increase investment-banking business.
As is to be expected, restructuring the company has come at a costly price, including thousands
of layoffs. In February 2003, WorldCom employed just 60,000 workers, down 17,000 from the
prior year, with 10,000 more employees receiving pink slips in subsequent months.
Additionally, WorldCom made arrangements to consolidate facilities to reduce square footage by
26 percent and to engage in extensive cost-cutting endeavors.
The road out of bankruptcy has been a steep, uphill climb. However, for being listed as one of
the worst frauds ever in American business, WorldCom has recently done an impressive job of
instituting best-in-class corporate governance practices and controls to rebuild faith in the
company. Besides hiring Michael Capellas to head the company, WorldCom has also
171
completely replaced the board and executive officers. WorldCom made it a point to fill the open
positions with individuals known for integrity, including independent board members Eric
Holder, former U.S. Deputy Attorney General, and Dennis Beresford, former chairman of the
Financial Accounting Standards Board. In April 2003, the company hired Robert Blakely, a
well-respected former CFO of Tenneco, as its new CFO. WorldCom also conducted a thorough
internal investigation to root out any company employees that had a high likelihood of being
aware of what was going on with the company during its shadier days. Fifty individuals were
asked to resign as a result.
WorldCom has made striking progress in cleaning up its past. The company emerged form
bankruptcy protection in 2004 and formally changed its name to MCI. MCI was acquired by
Verizon in January 2006 for $8.6 billion. MCI passed on a bid by Quest Communications that
was $1.3 billion higher than Verizon’s in exchange for a stronger position in the market as well
as a stronger financial position.
Looking to the future

In the wake of the scandal, the firm, as well as investors, has learned the hard way that the
outward appearance of a company’s growth and vitality are not nearly as important as its genuine
health. After all, one can only pull the artificial wool over the public’s eyes for so long before it
gets intolerably itchy. To WorldCom’s credit, straightforwardness and honesty have now
replaced the numbers games of yesteryear.
The Secrets of Adelphia

John J. Rigas, founder and former chairman and CEO of Adelphia Communications, was
arrested on Wednesday, July 24, 2002 in Manhattan, along with two sons and two former
company executives. All were charged with looting the nation’s sixth-largest cable television
company on a massive scale and using the company as their personal “piggy bank.” The much-
publicized arrests were part of President Bush’s move to “investigate … arrest and … prosecute
corporate executives who break the law. Today was a day of action and of accomplishment,”
Bush told reporters.15
For Rigas and family, who were each released on a $10 million personal recognizance bond, it
was a day of rude awakening.
The road to this unpleasant day for the Rigas family had started out innocently, as do most cases.
Little did John Rigas know that the apparently safe road he traveled at the beginning would only
lead to a dead end.
In the Beginning
John J. Rigas was born in 1924 to a Greek immigrant who ran a restaurant in eastern New York.
Rigas had served in the Armored Infantry Division of the United States Army during World War
II and later attended Rensselaer Polytechnical Institute. Rigas graduated in 1950 with a B.S. in
Management Science.16
15
“Adelphia officials arrested, charged with massive fraud,” Wall Street Journal, July 25, 2002, A3.
16
http://www.sabres.com/team/rigas.html.
172
Rigas was a character. He was 5 feet 5 inches tall. He had a “gap-toothed smile, a wandering left
eye, and a ton of energy.” His father had wanted him to work at the restaurant when he returned
home from college, but after a few months John realized he could do much better. He was loaned
money from his dad and other Greek businessmen and bought a movie theater for $72,000 in
Coudersport, Pennsylvania. Rigas made it all happen himself -- he sold tickets, made the
popcorn, and at times would sleep on a cot in the theater when he was too tired to make it
home.17
The New Kid in Town

John Rigas did not impress anybody when he first arrived with his wife Doris in Coudersport in
1951. Back then, Coudersport did not seem like a place anybody would go to make a fortune.
Coudersport had missed nearly every economic boom in rural Pennsylvania. There was no coal
to mine, no oil beneath the surface. The hills around town had been logged bare years before.
The joke was that Coudersport had not felt the Great Depression because it had not known
prosperity. People were not sure what to think about a man like John Rigas. He was perceived as
almost a threat by the residents of the rural town. He attempted to be involved with the
community, but he could not even get elected to the local school board.
However, Rigas seemed determined to win everybody over. He stayed until midnight talking to
moviegoers after the lights went up. He stopped people on Main Street to talk about their kids.
He began attending the Episcopal Church preferred by the town’s business leaders, even though
he was raised in the Greek Orthodox faith.18
Rigid Rigas
Rigas was just as determined about winning his fortune as he was about establishing a credible
reputation amongst Coudersport residents. In 1952 he overdrew his bank account to buy the town
cable franchise for $300 from a local hardware store owner who had erected an antenna on Dutch
Hill. A doctor and a state senator agreed to put up $40,000, and John was in the cable business.
He wired up Coudersport. Four years later, he and his brother Gus did the same in Wellsville.
After wiring the town, John acquired more rural cable systems in New York and Pennsylvania.
From these beginnings, the two brothers steadily acquired cable systems in communities
throughout Western Pennsylvania and Western New York State. In 1972, they incorporated their
holdings in Adelphia Communications Corporation. Gus sold his interest in Adelphia in 1983,
which was about the same time John’s sons returned from college.19
John pushed himself even after successful expansion of his cable company, never being quite
satisfied. He and Doris pushed their children just as hard. They raised Michael, Tim, and James
to be model students. Michael and James were class valedictorians. One by one the Rigas
children went off to elite colleges. But for all their winning qualities, there was something odd
about the Rigas boys. Unlike their father, they were awkward socially. The boys clearly
preferred being with their immediate family in Coudersport. Not long after getting their degrees,
Michael and Tim moved back in with their parents. Neither married. James spent a year and a
half in San Francisco after graduating from Stanford, working at Bain and Company, but then he
too returned to Coudersport, where he married and moved into a place of his own in town. "John
17
Leonard, Devin. “Adelphia Story,” Fortune, August 12, 2002, p. 140.
18
Ibid., p. 140.
19
Ibid., p. 142.
173
just controlled everything with those boys," lamented a relative. "He wouldn't give them any
rope."20
All three sons went to work for their father. John could not have been happier. He now had three
highly qualified young men to help run his cable company.
The Rise of Adelphia

Adelphia was still a shoestring operation: John ran the company out of an office over a hardware
store with three secretaries and a lineman. Once his sons joined the business, things started to
change. In 1981, Adelphia moved into an old church. People wondered what John was going to
do with all the extra space. In 1985, Adelphia went from 53,538 subscribers to 122,500 after it
acquired a cable system in Ocean County, New Jersey. When Rigas took Adelphia public the
next year, it had 370 full-time employees and deals on the table that would increase its
subscribers to 253,767. By the mid-1990s Adelphia had moved into the old Coudersport High
School building on Main Street, where his sons had gone to school. It was an odd place for what
was now one of the nation's 10 largest cable companies, managing 1.2 million subscribers. But
the Rigas systems were the envy of their peers. They were clustered together in six areas --
western New York, Virginia, Pennsylvania, New England, Ohio, and coastal New Jersey --
making it easier for Adelphia to control costs. That allowed Adelphia to enjoy 56-percent
operating cash margins, the highest in the cable industry.21
Rigas and his sons came to be considered savvy businessmen. John was the resident wiseman,
but he was also obsessed with details. He knew every inch of his cable systems; he looked at
each résumé that came in. Michael was responsible for the daily operations of the cable systems.
Tim was CFO. James supervised Adelphia's push into new technologies, including telephone
service.22
Company of (excessive) Brotherly Love

Yet as the cable industry grew up, the Rigas family operated as if they were a million miles away
from prying investors. Says Tom Cady, a former Adelphia sales and marketing executive,
"Decisions were made at the dinner table rather than in a boardroom or somebody's office." They
were famous for not returning calls from analysts. In addition, they structured Adelphia so that
there were no checks and balances at the top. Tim Rigas was CFO, and he was also the chairman
of the board's audit committee, which oversaw the CFO's work. So how effective was the audit
committee?23
To anybody who followed John Rigas' career, what happened with Adelphia's financing was
predictable. Rigas and his sons were famous in the cable industry for taking massive risks and
leveraging Adelphia to the hilt. Rigas once said to his secretary “Well Angie, I’m either going to
become a millionaire or I’m going to go bankrupt.” Go figure.
The small-town businessman who had boasted about his stomach for leverage now saddled
Adelphia with outlandish amounts of debt. In 1996, Adelphia's debt was 11 times its market
20
Ibid., p. 144.
21
Ibid., p. 144.
22
Ibid., p. 144.
23
Ibid., p. 144.
174
capitalization, an off-the-chart number. Adelphia began commingling revenues from its own
cable operations, family-owned systems, and loan proceeds in an account referred to internally,
according to documents filed recently with the SEC, as the "cash-management system." It would
be an understatement to say that this was a significant amount of money. After Adelphia made a
series of acquisitions in 1999, its annual revenues reached $3 billion. From time to time the
Rigas family dipped into the account for “personal business,” such as the following:
• $63 million was used to pay margin loans.
• $4 million was used to buy Adelphia stock.
• $700,000 was used to pay for Tim's membership in the Golf Club at Briar's Creek
on John's Island, South Carolina.
• $371,000 went to Dobaire Designs, owned by Doris Rigas, for design services.
• $2 million went to Wending Creek Farms, owned by John Rigas. The fees were
charged to Adelphia for snowplowing and lawn care.
• $3 million was paid to SongCatcher Films to finance production of a movie being
produced by Ellen Rigas, John’s daughter.
• $12 million was paid to Eleni Interiors, a furniture store owned by John himself
and managed by his wife Doris.
• $13 million was paid to the golf club at Wending Creek Farm to develop a ritzy
golf club.
• $26 million was paid to Wending Creek 3656 for company timber rights that
would eventually turn into a Rigas partnership.
• $65 million was paid to Praxis Capital Ventures to fund a venture capital firm run
by Rigas’ son-in-law.
• $150 million went to the Niagara Frontier Hockey LP to purchase the Buffalo
Sabres hockey team of the NHL.
• $1 billion went to Highland 2000 to guarantee a loan to the Rigas family, with
which they would buy stocks.24
• The TOTAL was $1,339,071,000.
King of Coudersport
The Rigas family did not particularly care if investors shied away from Adelphia's stock. They
cared about Coudersport. As Adelphia prospered, John Rigas became the town's biggest
benefactor. He was just a small-town guy who loved helping his neighbors. He sent busloads of
children to Buffalo Sabres games (since Rigas was the owner of the hockey club). He used
Adelphia's corporate jet to fly ailing people to faith healers and cancer treatment centers. He
hired many locals and paid them well. Employees built suburban-style houses. The newspaper
store started selling fancy coffee. A gym opened on Main Street. The Adelphia Christmas party
became the "fancy-dress event in Coudersport, a chance to hobnob with the Rigases and socialize
in suits over catered canapés," said Donald Gilliland, managing editor of the Potter Leader-
Enterprise. John combed the local papers and sent checks to down-on-their-luck families. People
seeking favors camped out in Rigas' favorite restaurants, waiting for the CEO to arrive for lunch.
He rarely turned anybody down. In a celebratory video, Decker Anstrom, CEO of the Weather
Channel, said, "If there's one person I'd like my son to grow up to be, it would be John Rigas."25
24
Ibid., p. 140.
25
Ibid., p. 138.
175
Coudersport treated the Rigases like royalty, and they behaved accordingly. John now traveled in
a Gulfstream jet, which Adelphia purchased from King Hussein of Jordan. Doris rarely ventured
into town, sending servants to do her shopping. No expense seemed to be spared. Sometimes
people in Coudersport even wondered whether all the spending was legitimate, but the thought
would pass. It seemed as though everyone in town had benefited from John's largesse. "He's our
Greek god," Shirlee Lette, a local newspaper columnist, told a visiting reporter.26
Dial “F” for Fraud

Oren Cohen thought there was something about the family's spending that did not add up. Then a
high-yield-bond analyst for Merrill Lynch (and now a principal at Trilogy Capital), Cohen had
followed Adelphia for years. He noticed that the Rigases were buying their own stock
aggressively, but he could not figure out how in the world they were paying for it. They did not
appear to have the cash themselves. John Rigas made $1.4 million in 2000. Michael, Tim, and
James each took home $237,000.27
The Rigases had no sources of income outside Adelphia. Each time Cohen tried to get an
explanation, Adelphia rebuffed him. In February 2001, Cohen noticed that the Rigases had
bought or were committed to buying $1.8 billion of Adelphia stock and convertible bonds. At the
time of the purchases the stock had been trading at about $40 a share. Now it was at $20. If John
and his sons were using borrowed money, the Rigases were in trouble. It was time to call
Adelphia again. "It seems to me the Rigases are $900 million or $1 billion in the hole," Cohen
said to the head of investor relations. "How is this stuff being funded?" He got the brush-off.28
On March 27, 2002, Cohen nearly shouted for joy when he spied a footnote on the last page of
Adelphia's quarterly earnings press release. It said Adelphia was liable for $2.3 billion in off-
balance-sheet loans to the Rigas family. Near the end of a conference call that day, Cohen
pressed Tim Rigas for details. Tim muttered something about family stock purchases and said he
would provide details later.29
That might have sufficed in the past, but it was just months after the disclosure of off-balance-
sheet debt at Enron had led to the largest corporate bankruptcy in history at that time. Adelphia's
stock tumbled 35 percent in three days. The SEC began an investigation. In addition to
overstating cash flow, Adelphia had inflated its subscriber data by between 400,000 and 500,000
members.30
The Music Has Stopped and John Has No Chair

Things in Coudersport quickly unraveled. John issued a statement acknowledging that
shareholders were “looking for greater clarity and transparency." The stock continued to
plummet as Adelphia announced it would be restating earnings for 1999, 2000, and 2001. The
company delayed filing its 2001 annual report in order to sort out its books. On May 15, John
resigned as chairman and CEO. His sons followed suit shortly thereafter.31
26
Ibid., p. 148.
27
Ibid., p. 146.
28
Ibid., p. 148.
29
Ibid., p. 148.
30
Frank, Robert. “Adelphia inflated subscriber data,” Wall Street Journal, June7, 2002, A3.
31
176
Rigas was succeeded by interim CEO Erland Kailbourne, a retired Fleet Bank executive and
Adelphia "independent" director. Kailbourne was a consummate Rigas family insider, an old
friend from Wellsville, and a lot of observers suspected that John might still pull the strings.32
Fortunately Kailbourne remedied the situation by replacing himself with a new CEO and COO
from AT&T, although the action was not easily accomplished due to shareholders who objected
to their high salaries. That is a story in and of itself, but the executives at Adelphia felt that the
salaries were necessary because of the challenges of running a company that by that point faced
roughly $20 billion in debt, several government inquiries, and huge investor lawsuits.33
The independent directors had signed off on the lending agreements, but thought the Rigases
were buying more cable systems, not taking out what were essentially margin loans to buy
Adelphia stock. John had made them look like fools. Kailbourne and the three other independent
directors hired David Boies, the attorney who led the case against Microsoft, to look into
Adelphia's books.34
Adelphia's stock was soon worth pennies. The company was delisted by NASDAQ because it did
not file its 2001 annual report. That triggered the default of $1.4 billion in Adelphia convertible
bonds. Bankruptcy was all but certain. The company desperately needed a loan to stay afloat, but
Wall Street was not about to lend it any more money as long as the Rigases were around. The
family still held 100 percent of the company's class B voting stock. Technically they were still in
control of Adelphia.35
The problem was that John Rigas did not think he had done anything wrong. The day after he
resigned as chairman and CEO, he startled the independent directors by showing up at a
directors' meeting. Surely, he told them, this mess could be sorted out and things would get back
to normal. No, John, said his old friends, you and the boys have to go. Lawyers from Boies' firm
tried to negotiate a severance package with John but could not reach an agreement. Finally the
independent directors gave the Rigas family an ultimatum: The family could turn over their
voting shares to the directors, or they would resign and go public with everything they had
uncovered. After an all-night negotiating session on May 22, 2002 in Coudersport, the Rigases
finally relinquished control at 5 a.m. Adelphia received a $1.5 billion bank loan. Since then,
Adelphia has filed for Chapter 11 bankruptcy.36
Bizarre Beneficiaries of the Bankrupt Boys

The travails of Adelphia Communications may have some unlikely beneficiaries. Although now
known for operating under Chapter 11 bankruptcy and for the arrests of Rigas and sons,
Adelphia was formerly known in its industry for something else: a strict adherence to traditional
family values.37 Alone among major cable operators, Adelphia has shunned pornography and
other sexually explicit programming. When it acquired cable systems, it routinely dumped such
adult programming as the Playboy and Spice channels. Although other cable and satellite
companies would make almost $1 billion from such programming in one year, Rigas still refused
to carry it, even against outcries of proponents of the First Amendment and fans of adult
32
Ibid., p. 148.
33
Wei, Lingling. “Adelphia pay packages win approval in Bankruptcy Court,” Wall Street Journal, March 4, 2003.
34
35
Ibid., p. 148.
36
Ibid., p. 148.
37
Beatty, Sally. “Once Taboo on Adelphia outlets, adult programs stage comeback,” Wall Street Journal, July 25, 2002.
177
entertainment. Rigas’ response was simply that “in the last five years, as cable has embraced
more adult programming, we’ve never spent time thinking about reversing our decision.” While
the adult-programming industry will benefit from Adelphia’s fall, other competing cable
companies will be hurting, in addition to companies that provide shows to Adelphia and
technology vendors that supply Adelphia with services and gear. Rival cable operators have
found themselves under much pressure with so many investors wary of debt and similar
Adelphia-like “shenanigans.”38
The Aftermath
The ripple effects of this fraud case, like Enron, will be felt for some time. The Adelphia stock
can be found listed now in “Pink Sheets” (a daily publication that lists the “bid” and “asked”
prices of many over-the-counter stocks), where it sold as low as two cents.39 Erland Kailbourne,
the ex-interim CEO, believes that Adelphia will not have to sell out completely, although many
of its 1,200 Coudersport employees will be laid off. 40 His prognosticating abilities have come
true in many ways, as the headquarters has since moved from Coudersport to Denver,41 and with
the induction of new executives at Adelphia things are beginning to look up.
One noteworthy event is the rise in the market that occurred the day of John Rigas’ arrest,
implying the widespread approval of the government’s somewhat-tardy action against
corporate/white-collar crime.
John Rigas -- charged with fraud, arrested, suspected of tax violations, and facing a $1 billion
lawsuit filed by Adelphia -- still believes that he did nothing wrong. The courts of justice, on the
other hand, disagreed with Rigas; in fact, he, his sons, and Adelphia’s former director of internal
reporting, Michael Mulcahey, were indicted in September 2002 on charges they looted the
company out of hundreds of millions of dollars. In addition, the family has been sued by
Adelphia for concealing evidence of fraud and creating fictitious documents and accounting
books to mislead auditors.42
On February 23, 2004, the trial officially began for John Rigas, his sons Timothy and Michael,
and Mulcahey, in Federal District Court in downtown Manhattan. All four were previously
charged with conspiracy, securities fraud, wire fraud, and bank fraud. Bank fraud alone, the
most severe count the four faces, carries a maximum sentence of 30 years. The Rigas family and
Mulcahey, however, have pleaded not guilty, in spite of the guilty plea of two former executives
who agreed to cooperate with government officials.43 These executives, James Brown, the
former vice president of finance, and Timothy Werth, the former accounting director, will no
doubt be called to the stand to testify that boss Timothy Rigas and kin had knowledge that what
they were doing was wrong.
The Rigas trial concluded in July 2004. The jury convicted John and Timothy Rigas of a single
count of conspiracy, two counts of bank fraud, and fifteen counts of securities fraud. The jury
found them not guilty of five counts of wire fraud. John Rigas was sentenced to 15 years in jail,
38
“Adelphia’s Fall Will Bruise a Crowd,” Business Week, July 8, 2002, p. 44.
39
http://www.pinksheets.com/quote/quote.jsp?symbol=adelq.
40
Lieberman, David. “CEO lays plans for Adelphia’s future.” USA Today, June 27, 2002 C1.
41
http://online.wsj.com/article/0,,SB1043791845385455784,00.html
42
Frank, Robert. “Adelphia Files fraud suit against Ex-Auditor Deloitte.” Wall Street Journal, November 7, 2002, A2/A10.
43
“Former Adelphia executive pleads guilty in Fraud Case.” Wall Street Journal, January 10, 2003.
178
and Timothy was sentenced to 20 years. Both have appealed. Mulcahey Rigas was found not
guilty on all 23 counts against him. In November 2005, Michael Rigas pleaded guilty to making
false entries to Adelphia’s records. He faces up to three years in prison.
Adelphia, now under the direction of chairman and CEO William Schleyer, continues to stay
afloat with over 5.3 million cable subscribers in over 30 states. Even in bankruptcy, the
company is valued at $17 billion. The company was placed on the auction block in late 2004. By
the bid deadline in January 2005, it had attracted some major bidders, including a $17.6 billion
bid by Time Warner Inc. and Comcast Corp., as well as several large private-equity corporations.
Adelphia has subsequently accepted the Time Warner and Comcast bid, and the deal should take
about a year to close. In August 2006, Time Warner
and Comcast completed the acquisition of Adelphia. Time Warner’s cable unit took 3.3 million
of Adelphias’s subscribers, and Comcast took 1.7 million Adelphia subscribers in exchange for
$12.5 billion in cash and Time Warner Cable common stock.
Through it all, Rigas still receives cards from Coudersport residents who remain faithful, and
says that “most of the cards end with a message that is most meaningful and that is that ‘you are
in our prayers.’ It does bring a tear to my eye.”44 Perhaps he has even shed a tear or two for the
thousands of Adelphia shareholders who have shed some tears of their own.
44
Leonard, Devin. “Adelphia Story.” Fortune, August 12, 2002, p. 148.
179
Famous Frauds
The following table shows the sentence and forfeitures of some of the more famous fraud
perpetrators of the last decade or two.
180
181
rationales.
1. Which of the following phases in the four-step investigation strategy involves

determining if there is sufficient cause, or predication, to investigate the fraud symptoms?
A. Problem recognition and definition phase.

B. Evidence collection phase.
C. Evidence evaluation phase.
D. Report findings phase.
2. With regard to the four-step investigation strategy, determining if, in fact, a fraud actually
occurred is the objective of the:


determining if the evidence collected is sufficient to effectively evaluate and report the
fraud?

4. With regard to the four-step investigation strategy, what is often the only evidence
available to support the fraud investigation is the result of the:

5. True or false: A fraud report should contain a conclusion or opinion as to whether a

fraud actually took place.
A. True.
B. False.
182
6. The largest and most frequently gathered type of evidence is:
A. Documentary evidence.
B. People evidence.
C. Personal observation.
D. Physical evidence.
7. Which of the following means of obtaining possession of documentary evidence is issued

by a judge when there is probable cause to believe the records are being used or have been
used in committing of a crime?
A. Consent.
B. Court order.
C. Subpoena.
D. Search warrant.
8. By performing an alteration analysis, document examiners can determine:
A. If a handwritten document or signature is genuine.

B. If a document was printed by a particular machine.
C. If a document has been doctored or altered.
D. If a document is written on paper that is the same texture, thickness, color, and
opacity as the other pages.
9. With regard to a net-worth calculation, the asset method:
A. Is used when the illicit income is spent on expensive living, travel, entertainment,
and buying assets such as cars and boats.
B. Uncovers inconsistencies in revenue and expenses when the perpetrator uses illicit
income to purchase assets.
C. Is used when the illicit income is spent on expensive living, travel, and
entertainment, rather than to buy assets such as cars and boats.
D. Uncovers inconsistencies in revenue and expenses when the perpetrator uses illicit
income to spend on expensive living, travel, entertainment.
10. True or false: The net-worth method produces a conservative calculation of the amount
of money the perpetrator has taken and, as a result, is readily accepted as documentary
evidence in a court of law.
A. True.
B. False.
11. Which of the following must a hotline possess in order to be successful?
183
A. A lack of anonymity, to open up lines of communication and allay fears of

reprisal.
B. Experienced phone operators to minimize the amount of information given by the
tipster and to screen out calls with merit.
C. It should prompt investigations to show employees that the tips are taken
seriously by management.
D. Delay investigations to let things “cool down” and allay fears of reprisal.
12. Which of the following interviewee types are usually the most helpful and objective of all
the interviewees?
A. Cooperative interviewees.
B. Neutral interviewees.
C. Guilty interviewees.
D. Hostile interviewees.
13. Which of the following stages of those affected by fraud includes people insisting that
there is some mistake, acting stunned or dazed, or being unable to comprehend what took
place?
A. Denial.
B. Anger.
C. Rationalization.
D. Depression.
14. True or false: The difference between an interview and an interrogation is that an
interrogation is conducted to obtain information about the fraud, while an interview is
A. True.
B. False.
15. The secret and continuous observations of people, places, and things to obtain
information about the identity and activity of individuals suspected of fraud are known
as:
A. Surveillance.
B. Undercover operations.
C. Searches.
D. Invigilation.
16. The observation evidence technique that is a process of observing and controlling
company activities so closely for a period of time that fraud is virtually impossible is
known as:
A. Surveillance.
184
B. Undercover operations.
C. Searches.
D. Invigilation.
17. True or false: Physical evidence is the most-used type of evidence in a fraud
investigation.
A. True.
B. False.
18. The SEC appoints the five full time members of the PCAOB which consists of:
A. One Non-CPA member and four CPA members.

B. Four Non-CPA members and one CPA member.
C. Two Non-CPA members and three CPA members.
D. Three Non-CPA members and two CPA members.
19. Near the end 1999, WorldCom’s situation was made especially precarious because:
A. It carried enormous debt and the stock market, long distance rates, and subsequent
sales all began to fall.
B. Energy prices were beginning to tumble and a world recession was on the
horizon.
C. It overextended itself with a plan to construct a high-speed broadband
telecommunications network.
D. Its directors signed off on lending agreements that were essentially margin loans
to buy company stock.
20. True or false: The Adelphia fraud engineer, John Rigas, still receives cards from
Coudersport residents who remain faithful, and says that “most of the cards end with a
message that is most meaningful and that is that ‘you are in our prayers.’
A. True.
B. False.
185

determining if there is sufficient cause, or predication, to investigate the fraud symptoms?
A. Problem recognition and definition phase. This answer is correct because the
objective of the problem recognition and definition phase is determining if
there is sufficient cause, or predication, to investigate the fraud symptoms.
B. Evidence collection phase. This answer is incorrect because the objective of the
evidence collection phase is determining if fraud actually occurred, not
determining if there is sufficient cause, or predication, to investigate the fraud
symptoms.
C. Evidence evaluation phase. This answer is incorrect because the objective of the
evidence collection phase is determining if the evidence collected is sufficient to
effectively evaluate and report the fraud.
D. Report findings phase. This answer is incorrect because the objective of the
evidence collection phase is to write up the fraud report,.
2. With regard to the four-step investigation strategy, determining if, in fact, a fraud actually
occurred is the objective of the:
A. Problem recognition and definition phase. This answer is incorrect because the
objective of the problem recognition and definition phase is determining if there is
sufficient cause, or predication, to investigate the fraud symptoms, not
determining if a fraud actually occurred.
B. Evidence collection phase. This answer is correct because the objective of the
evidence collection phase is determining if a fraud actually occurred.
evidence collection phase is to write up the fraud report.

determining if the evidence collected is sufficient to effectively evaluate and report the
fraud?
objective of the problem recognition and definition phase is determining if the
evidence collected is sufficient to effectively evaluate and report the fraud.
evidence collection phase is determining if a fraud actually occurred.
186
C. Evidence evaluation phase. This answer is correct because the objective of

the evidence evaluation phase is determining if the evidence collected is
sufficient to effectively evaluate and report the fraud.
evidence collection phase is writing up the fraud report, not determining if the
evidence collected is sufficient to effectively evaluate and report the fraud.
4. With regard to the four-step investigation strategy, what is often the only evidence
available to support the fraud investigation is the result of the:
objective of the problem recognition and definition phase is determining if there is
sufficient cause, or predication, to investigate the fraud symptoms.
evidence collection phase is determining if fraud actually occurred.
D. Report findings phase. This answer is correct because the objective of the
evidence collection phase is writing up the fraud report, which is often the
only evidence available to support the fraud investigation.
5. True or false: A fraud report should contain a conclusion or opinion as to whether a

fraud actually took place.
A. True. This answer is incorrect because a fraud report should not contain a
conclusion or opinion as to whether a fraud actually took place.
B. False. This answer is correct because a fraud report should not contain a
conclusion or opinion as it can be used as evidence in court, and opinions
could show prejudice.
6. The largest and most frequently gathered type of evidence is:
A. Documentary evidence. This answer is correct because the largest and most
frequently gathered type of evidence is documentary evidence.
B. People evidence. This answer is incorrect because, although the people who
interact with the fraud perpetrator on a day to day basis may know what the
perpetrator is doing, these people may be difficult to find.
C. Personal observation. This answer is incorrect because, although personal
observation may provide evidence not available through any other means, the
high cost and relative danger related to it makes documentary evidence easier to
collect.
D. Physical evidence. This answer is incorrect because physical evidence is the least
used evidence type due to its relative absence in a fraud case.
187
7. Which of the following means of obtaining possession of documentary evidence is issued

by a judge when there is probable cause to believe the records are being used or have been
used in committing of a crime?
A. Consent. This answer is incorrect because voluntary consent would typically be

given by companies and people being investigated that have nothing to hide and
willingly provide fraud investigators with the evidence they need.
B. Court order. This answer is incorrect because a court order requires a third party
to hand over documentary evidence known to be in its possession.
C. Subpoena. This answer is incorrect because a subpoena is a court order that
requires a third party to hand over documentary evidence known to be in its
possession.
D. Search warrant. This answer is correct because a judge will issue a search
warrant when there is probable cause to believe the records are being used or
have been used in committing of a crime.
8. By performing an alteration analysis, document examiners can determine:
A. If a handwritten document or signature is genuine. This answer is incorrect

because a handwriting analysis, not an alteration analysis, can determine if a
handwritten document or signature is genuine.
B. If a document was printed by a particular machine. This answer is incorrect
because a printer analysis, not an alteration analysis, can determine if a document
was printed by a particular machine.
C. If a document has been doctored or altered. This answer is correct because an
alteration analysis can determine if a document has been doctored or altered.
D. If a document is written on paper that is the same texture, thickness, color, and
opacity as the other pages. This answer is incorrect because a paper analysis, not
an alteration analysis, can determine if a document is written on paper that is the
same texture, thickness, color, and opacity as the other pages.
9. With regard to a net-worth calculation, the asset method:
A. Is used when the illicit income is spent on expensive living, travel, entertainment,
and buying assets such as cars and boats. This answer is incorrect because the
expenditure method is used when the illicit income is spent on expensive living,
travel, entertainment, rather than buying assets such as cars and boats.
B. Uncovers inconsistencies in revenue and expenses when the perpetrator uses
illicit income to purchase assets. This answer is correct because the asset
method uncovers inconsistencies in revenue and expenses when the
perpetrator uses illicit income to purchase assets.
C. Is used when the illicit income is spent on expensive living, travel, and
entertainment, rather than to buy assets such as cars and boats. This answer is
incorrect because the expenditure method is used when the illicit income is spent
on expensive living, travel, entertainment, rather than buying assets such as cars
and boats.
188
D. Uncovers inconsistencies in revenue and expenses when the perpetrator uses illicit
income to spend on expensive living, travel, entertainment. This answer is
incorrect because the expenditure method is used when the illicit income is spent
on expensive living, travel, entertainment, rather than buying assets such as cars
and boats.
10. True or false: The net-worth method produces a conservative calculation of the amount
of money the perpetrator has taken and, as a result, is readily accepted as documentary
evidence in a court of law.
A. True. This answer is correct because it is true that the net-worth method
produces a conservative calculation of the amount of money the perpetrator
has taken and, as a result, is readily accepted as documentary evidence in a
court of law.
B. False. This answer is incorrect because it is true that the net-worth method
produces a conservative calculation of the money the perpetrator has taken and is
also very useful for obtaining confessions.
11. Which of the following must a hotline possess in order to be successful?
A. A lack of anonymity, to open up lines of communication and allay fears of

reprisal. This answer is incorrect because a hotline must possess anonymity to be
successful.
B. Experienced phone operators to minimize the amount of information given by the
tipster and to screen out calls with merit. This answer is incorrect because a
hotline must possess experienced phone operators to maximize the amount of
information given by the tipster and to screen out calls without merit to be
successful.
C. It should prompt investigations to show employees that the tips are taken
seriously by management. This answer is correct because a hotline should
prompt investigations to show employees that the tips are taken seriously by
management.
D. Delay investigations to let things “cool down” and allay fears of reprisal. This
answer is incorrect because a hotline must not delay investigations in order to be
successful.
12. Which of the following interviewee types are usually the most helpful and objective of all
the interviewees?
A. Cooperative interviewees. This answer is incorrect because cooperative

interviewees are overly helpful and their motivations are suspect.
B. Neutral interviewees. This answer is correct because neutral interviewees
have nothing to gain or lose from the interview and are usually the most
helpful and objective of all the interviewees.
C. Guilty interviewees. This answer is incorrect because guilty interviewees are not
one of the three distinct types of interviewees listed in the text.
189
D. Hostile interviewees. This answer is incorrect because hostile interviewees are

often associated in some way with the suspect or the crime and are the most
difficult to interview.
13. Which of the following stages of those affected by fraud includes people insisting that
there is some mistake, acting stunned or dazed, or being unable to comprehend what took
place?
A. Denial. This answer is correct because in the denial stage people refuse to
accept that the fraud occurred, insisting that there is some mistake, acting
stunned or dazed, or being unable to comprehend what took place.
B. Anger. This answer is incorrect because in the anger stage people may strike out
at those around them and to say and do things they later regret.
C. Rationalization. This answer is incorrect because in the rationalization stage
people try to explain away or minimize the fraud.
D. Depression. This answer is incorrect because in the depression stage people may
become withdrawn and lose interest, or become uncooperative.
14. True or false: The difference between an interview and an interrogation is that an
interrogation is conducted to obtain information about the fraud, while an interview is
A. True. This answer is incorrect because an interview is conducted to obtain

information about the fraud, not to obtain a confession of information that can
impeach a subject.
B. False. This answer is correct because the difference between an interview
and an interrogation is that an interview is conducted to obtain information
about the fraud, while an interrogation is conducted to obtain a confession or
information that can impeach the suspect.
15. The secret and continuous observations of people, places, and things to obtain
information about the identity and activity of individuals suspected of fraud are known
as:
A. Surveillance. This answer is correct because surveillance is the secret and

continuous observations of people, places, and things to obtain information
about the identity and activity of individuals suspected of fraud.
B. Undercover operations. This answer is incorrect because in an undercover
operation, a person assumes a new identity in order to gather information about a
fraud.
C. Searches. This answer is incorrect because searches involve searching a suspect's
desk, locker, or other work area that can produce valuable evidence, not the secret
and continuous observations of people, places, and things to obtain information
about the identity and activity of individuals suspected of fraud.
190
D. Invigilation. This answer is incorrect because invigilation is a process of

observing and controlling company activities so closely for a period of time that
fraud is virtually impossible.
16. The observation evidence technique that is a process of observing and controlling
company activities so closely for a period of time that fraud is virtually impossible is
known as:
A. Surveillance. This answer is incorrect because surveillance is the secret and

continuous observations of people, places, and things to obtain information about
the identity and activity of individuals suspected of fraud.
B. Undercover operations. This answer is incorrect because in an undercover
operation, a person assumes a new identity in order to gather information about a
fraud.
C. Searches. This answer is incorrect because searches involve searching a suspect's
desk, locker, or other work area that can produce valuable evidence.
D. Invigilation. This answer is correct because invigilation is a process of
observing and controlling company activities so closely for a period of time
that fraud is virtually impossible.
17. True or false: Physical evidence is the most-used type of evidence in a fraud
investigation.
A. True. This answer is incorrect because physical evidence is the least used type of
evidence in a fraud investigation.
B. False. This answer is correct because document evidence is the largest and
most frequently gathered type of evidence.
18. The SEC appoints the five full time members of the PCAOB which consists of:
A. One Non-CPA member and four CPA members. This answer is incorrect because
the Non-CPA members outnumber the CPA members. There must be three Non-
CPA members and two CPA members.
B. Four Non-CPA members and one CPA member. This answer is incorrect because
there is actually more than just one CPA member. There must be three Non-CPA
members and two CPA members.
C. Two Non-CPA members and three CPA members. This answer is incorrect
because the required Non-CPA members and the required CPA members have
been reversed. There must be three Non-CPA members and two CPA members.
D. Three Non-CPA members and two CPA members. This answer is correct
because the PCAOB members must consist of three Non-CPA members and
two CPA members.
19. Near the end 1999, WorldCom’s situation was made especially precarious because:
191
A. It carried enormous debt and the stock market, long distance rates, and
subsequent sales all began to fall. This answer is correct because
WorldCom’s enormous debt, the stock market began to fall, as well as long
distance rates and subsequent sales made its situation especially precarious.
B. Energy prices were beginning to tumble and a world recession was on the
horizon. This answer is incorrect because energy prices beginning to tumble and
a world recession on the horizon made Enron’s situation precarious.
C. It overextended itself with a plan to construct a high-speed broadband
telecommunications network. This answer is incorrect because overextending
itself with a plan to construct a high-speed broadband telecommunications
network made Enron’s, not WorldCom’s, situation precarious.
D. Its directors signed off on lending agreements that were essentially margin loans
to buy company stock. This answer is incorrect because directors signing off on
lending agreements that were essentially margin loans to buy company stock
made Adelphia’s situation precarious.
20. True or false: The Adelphia fraud engineer, John Rigas, still receives cards from
Coudersport residents who remain faithful, and says that “most of the cards end with a
message that is most meaningful and that is that ‘you are in our prayers.’
A. True. This answer is correct because, even though John Rigas defrauded
investors out of millions of dollars, he still receives cards from Coudersport
residents who remain faithful.
B. False. This answer is incorrect because it is true that, even though John Rigas
defrauded investors out of millions of dollars, he still receives cards from
Coudersport residents who remain faithful.
192
Chapter 7: Review of Statement on Auditing Standards No. 99
Chapter 7 – Review of Statement on Auditing Standards No. 99

Learning Objectives
1. Describe the requirements of Statement on Auditing Standards No. 99 and identify
situations where these requirements would apply in the field.
According to Statement on Auditing Standards (SAS) No. 47, determining the nature, timing,
and extent of the audit procedures is directly related to the auditor’s consideration of audit risk.
SAS No. 47 also indicates that part of audit risk is the risk that the financial statements are
materially misstated due to fraud. Accordingly, fraud risk must be considered when making
inherent- and control-risk assessments and when designing auditing procedures.
SAS No. 82, Consideration of Fraud in a Financial Statement Audit, was issued in 1997 by the
Auditing Standards Board (ASB). Its purpose was to provide operational guidance to auditors on
how to better consider material fraud while conducting a financial-statement audit. Subsequently,
several panels and committees were organized and several studies of fraud were conducted to
determine how to improve audit procedures and guidance with respect to fraud.
In response to their findings, a Fraud Task Force was formed to revise SAS No. 82. The result is
SAS No. 99, also titled Consideration of Fraud in a Financial Statement Audit. The ASB
believes the requirements and guidance in SAS No. 99 will substantially improve audit
performance and increase the likelihood that auditors will detect material fraudulent financial
statements. Much of the improved performance will come from an increased focus on
professional skepticism as well as the requirement to ask management and other employees
about the existence of fraud in the company.
Unfortunately, it is not possible for an auditor to be absolutely sure that the financial statements
are free of material fraud. According to SAS No. 99, a “material misstatement may not be
detected because of the nature of audit evidence or because the characteristics of fraud may
cause the auditor to rely unknowingly on audit evidence that appears to be valid, but is, in fact,
false and fraudulent. Characteristics of fraud include concealment through (a) collusion by both
internal and third parties; (b) withheld, misrepresented, or falsified documentation; and (c) the
ability of management to override or instruct others to override what otherwise appear to be
effective controls.”
Although auditors have a responsibility to detect material fraud, management has the
responsibility of designing and implementing controls and programs to prevent and detect fraud.
However, members of management are not the only ones who are responsible for overseeing the
financial-reporting process. For example, the board of directors and the audit committee help
establish appropriate controls to prevent and detect fraud. They also have a responsibility to help
set a proper organizational tone and create and maintain an organizational culture of honesty,
integrity, and high ethical standards.
SAS No. 99 supersedes SAS No. 82, Consideration of Fraud in a Financial Statement Audit and
AU sec. 316. It amends SAS No. 1, Codification of Auditing Standards and Procedures, vol. 1,
193
AU sec. 230, “Due Professional Care in the Performance of Work.”
Brief Overview of SAS No. 99

SAS No. 99 has the following main components:
• Description and characteristics of fraud (SAS No. 99, paragraphs 5-12);
• Discussion among engagement personnel regarding the risks of material misstatement
due to fraud (SAS No. 99, paragraphs 13-16);
• Obtaining the information needed to identify the risks of material misstatement due to
fraud (SAS No. 99, paragraphs 17-31);
• Identifying risks that may result in a material misstatement due to fraud (SAS No. 99,
paragraphs 32-38);
• Assessing the identified risks after taking into account an evaluation of the entity’s
programs and controls that address the risks (SAS No. 99, paragraphs 39-42);
• Responding to the results of the assessment (SAS No. 99, paragraphs 43-66);
• Evaluating audit test results (SAS No. 99, paragraphs 67-77);
• Communicating about possible fraud to management, the audit committee, and others
(SAS No. 99, paragraphs 78-81);
• Documenting the auditor's consideration of fraud (SAS No. 99, paragraph 82);
• Appendix A: Examples of fraud risk factors; and
• Appendix B: Proposed amendment to Statement on Auditing Standards No. 1,
Codification of Auditing Standards and Procedures.
The first item in the above list, description and characteristics of fraud, was discussed earlier in
the course. Each of the remaining items are now discussed.
Discussion Regarding the Risks of Material Misstatement Due to Fraud

While planning the audit, team members should discuss among themselves the potential for
material misstatement due to fraud as well as how and where the company’s financial statements
might be susceptible to material fraud. This will help team members remember how important it
is to adopt an appropriate mindset of professional skepticism, especially with respect to the
potential for material misstatement due to fraud.
SAS No. 99 does not require any specific means of communication, only that the medium used
should permit an interactive exchange of ideas. It does state that an oral discussion is preferred
(as opposed to a memorandum or email discussion), probably because it best promotes and
facilitates the desired free interchange of ideas among team members.
Guidance is also provided as to the extent of the discussion, how it should occur, and who should
be included. Clearly, professional judgment should be used in making these determinations and
the following items should be considered:
• The number of locations -- Because each location can be different, key audit-team
194
members should be involved in discussions at each significant location. SAS No. 99

states that auditors need to consider the guidance provided in SAS No. 47 (AU sec.
312.18) as they select locations.
• Whether or not to include specialists assigned to the audit team -- For example, when
information technology plays an import role in an organization, it is often useful to
include an IT specialist in the discussions.
SAS No. 99 also provides guidance as to what items the audit team should discuss.
• Experienced audit-team members, especially the auditor with final responsibility for the
audit, should share his or her insights and knowledge about the organization being
audited and the industry in which it operates.
• Audit-team members should discuss the possibility and likelihood of management
overriding the organization’s internal controls. Audit-team members should approach the
discussion with a questioning mind and set aside any prior beliefs regarding management
honesty and integrity.
• Another issue that should be discussed is how the organization’s financial statements
might be susceptible to material-misstatement fraud and where fraud is most likely to
occur. This discussion should include all known external and internal factors affecting the
organization that might create pressures (incentives, motives, etc.) for management or
other employees to commit fraud, allow an opportunity to commit and conceal a fraud,
and indicate a corporate culture or environment that enables management to rationalize
fraud.
• It is important to maintain the proper state of mind (an attitude of professional
skepticism) throughout the entire audit engagement.
o Auditors must have a questioning mind that recognizes that there may be material
misstatements in the financial statements due to fraud.
o They must also constantly be on the alert for any information that indicates a
potential material misstatement.
o Auditors should set aside any belief they have about management’s honesty and
integrity. They should not be satisfied with evidence that is not persuasive just
because they believe management is honest.
o It is important to critically assess audit evidence regarding the potential for
material misstatement due to fraud.
Obtaining the Information Needed to Identify Fraud

To assess the risks of material misstatement due to fraud, SAS No. 99 requires auditors to gather
more information than simply considering the risk factors, as was required in SAS No. 82. To
obtain the information they need to identify the risks of material fraud, the audit team should
195
perform the procedures outlined below.
Make Inquiries of Management and Others within the Entity About Fraud
SAS No. 99 states “The auditor’s inquiries of management and others within the entity are
important because fraud often is uncovered through information received in response to
inquiries. One reason for this is that such inquiries may provide individuals with an opportunity
to convey information to the auditor that otherwise might not be communicated.”
However, in some cases responses to inquiries will be inconsistent. In other instances, the
information an auditor is given while making inquiries will need to be substantiated. The auditor
must exercise professional judgment in deciding what additional evidence must be gathered to
resolve these concerns.
Auditors should address their inquiries with several groups within an organization.
• Management -- SAS No. 99 states that management should be interviewed to determine
their views with respect to the organization’s fraud risks, and how those risks are
addressed. The expanded inquiries of management should cover the following:
o Whether management knows of any fraud that has taken place or is currently
being perpetrated.
o Whether management knows of any past or current allegations of fraudulent
financial reporting. These fraud allegation tips often come from current or former
employees, analysts, short sellers, or other investors.
o The fraud risks the organization faces and management’s understanding of those
risks. Of particular importance are specific fraud risks the organization has
identified, or account balances or classes of transactions where the risk of fraud is
more likely to exist.
o The controls and programs management has put in place to reduce, deter, prevent,
or detect fraud risks, and the procedures management uses to monitor them.
o How, and to what extent, management monitors multiple locations and business
segments.
o Whether any of the operating locations or business segments has a higher risk
than normal.
o When and how management communicates its views on business practices and
ethical behavior to its employees.
o The nature and extent of management reports to the audit committee (or the board
of directors, the board of trustees, or the company’s owner) with respect to the
following:
¾ All five interrelated components of internal control: the control
environment, control activities, risk-assessment processes,
information and communication systems, and monitoring
196
activities; and
¾ How well management believes their internal controls prevent,
deter, and detect material fraud.
• Audit committee -- Managers are not the only ones who should take an active oversight
role with respect to the organization’s fraud-risk assessment and the controls and
programs established to deter, prevent, or detect fraud risks. SAS No. 99 states that
inquiries of the audit committee should cover the following:
o How the audit committee oversees the organization’s fraud-risk assessment;
o The controls, programs, and procedures the organization uses to eliminate or
reduce fraud risks;
o How the audit committee views the risks of fraud; and
o Whether any of the audit-committee members know of any suspected or actual
fraud.
• Internal-audit personnel -- The auditor also should make inquiries of appropriate

internal-audit personnel. The inquiries should cover the following:
o How the internal-audit function views the risks of fraud;
o The procedures they performed during the year to test for fraud;
o How management responds to their fraud findings, and whether their response has
been satisfactory; and
o Whether any of the internal auditors know of any suspected or actual fraud.
• Others in the organization -- Management, the audit committee, and internal audit are
not necessarily the only ones that should be asked about fraud, as others in the
organization can often provide auditors with valuable perspectives. The information they
provide can support management responses, help uncover management override of
controls, and indicate how effectively management communicates standards of ethical
behavior.
The auditors must use his or her professional judgment to decide who else in the organization
should be asked about fraud and the extent of those inquiries. The key consideration in making
this decision is whether a person can provide information that will help the auditor identify fraud
risks. Auditors are most likely to make inquiries of the following:
• Anyone the auditor interacts with during the normal course of the audit, such as while
obtaining an understanding of the organization’s internal-control system, observing
inventory, performing cutoff tests, or investigating fluctuations uncovered during
analytical procedures;
197
• Operating personnel who are not part of the financial-reporting process;

• Employees in positions of leadership or authority;
• Employees who initiate, record, or process unusual or complex transactions;
• Individuals who might know if there is any inappropriate or unauthorized activity with
respect to processing journal entries and other adjustments; and
• In-house legal counsel.
Consider the Results of the Analytical Procedures Performed While Planning the Audit
Auditors perform analytical procedures as they plan audits in order identify items that need to be
investigated, such as transactions, events, amounts, ratios, or trends that, based on the auditor’s
understanding of the entity and its environment, do not agree with what the auditor expects to
find. These analytical procedures, typically performed on high-level, aggregated data, can be a
valuable tool in identifying where auditors should look to assess fraud risks. All unusual items
should be investigated to determine if they are indicative of fraud.
The most frequent type of financial-statement fraud involves improper revenue recognition.
Accordingly, SAS No. 99 indicates that it is especially important to perform revenue-related
analytical procedures. For example, monthly revenue for the current reporting period could be
compared to revenue recorded in a comparable prior period.
Consider Fraud Risk Factors

The auditor should use his or her professional judgment to evaluate the evidence that is gathered
to: (i) determine if the evidence indicates that one or more fraud risk factors are present; and (ii)
identify and assess the risks of material fraud if risk factors are present.
Most of the risk factors contained in SAS No. 82 are included in SAS No. 99 and a few
additional risk factors have been added. However, the fraud risk factors have been reorganized to
help facilitate risk assessment by the auditor. The fraud risk factors are presented based on the
two types of fraud: fraudulent financial reporting and misappropriation of assets. Within each of
these two fraud types, the risk factors are based on the fraud triangle, the three conditions
generally present when material misstatements due to fraud occur: (i) pressure, sometimes
referred to as incentive or motive; (ii) an opportunity to commit and conceal the fraud; and (iii)
rationalization (sometimes referred to as attitude).
These fraud risk factors are presented in SAS No. 99, Appendix A, which is titled “Examples of
Fraud Risk Factors.” Because fraud risk factors were covered extensively in prior chapters, they
are not covered again here.
Consider Other Information That May Be Helpful in Identifying Risks

Although SAS No. 99 indicates that the three most important ways for auditors to obtain the
information they need to identify frauds risks are to make inquiries of management, perform
analytical review tests, and consider fraud risk factors, there are other viable ways to obtain
information about fraud risk, such as the following:
• During the planning phase of the audit, audit-team discussions may provide useful
198
information;
• While obtaining and reviewing the information gathered during the acceptance and
continuance of clients and engagements;
• While conducting reviews of interim financial statements; and
• While considering audit risk, especially with respect to identified inherent risks, at the
individual account balance or class of transaction level.
Identifying Risks That May Result in a Fraudulent Material Misstatement

The number of fraudulently misstated financial statements in any given year, in comparison to
the total number conducted in a year, is very small. Many auditors never run across a single case
of fraudulently misstated financial statements in their entire career. As a result, many auditors
can be “lulled to sleep”; that is, they become lax in their fraud-detection efforts. Other auditors,
due to lack of experience, find it hard to recognize fraud risk factors or to determine what
additional evidence to gather when they are found. In any event, it is important that auditors do
not conclude that one or more fraud risks are not present in a particular entity because of
inattentiveness or lack of experience.
The previous section described the ways auditors could obtain the information they need to
identify the risk of material misstatement due to fraud. The auditor must use the information he
or she obtains as well as his or her professional judgment to identify fraud risks. In doing so, the
auditor needs to consider the following nine factors:
• The type of risk (fraudulent financial reporting or misappropriation of assets) that exists.
• The significance of the risk. (Is it large enough to be material?)
• The likelihood of the risk (the probability that the factor will actually result in a material
misstatement).
• The pervasiveness of the risk (whether it is pervasive to the financial statements as a
whole or related to a particular assertion, account, or class of transactions).
• The fraud triangle. Although fraud risks are more likely to exist when all three conditions
are observed, the auditor does not need to find all three conditions to identify a fraud risk.
Some of the conditions are hard to spot without the benefit of hindsight. For example, it
is hard to observe the rationalization process.
• The client’s size, complexity, and ownership attributes.
• The number of operating locations or business segments, as this often requires a separate
risk identification for each location or segment.
• Assertions, accounts, and classes of transactions that have high inherent risk. Because
these items are subject to significant judgment and subjectivity, managers are better able
and more likely to manipulate them. SAS No. 99 provides the following two examples:
“Liabilities resulting from a restructuring may be deemed to have high inherent risk
because of the high degree of subjectivity and management judgment involved in their
estimation. Similarly, revenues for software developers may be deemed to have high
199
inherent risk because of the subjectivity involved in recognizing and measuring software
revenue transactions.”
• Management override of controls. The auditor needs to address the risk of management
override of controls regardless of whether the auditor is able to identify specific fraud
risks. In many cases, management has overridden controls to perpetrate fraud using such
techniques as recording fictitious journal entries (particularly those recorded close to the
end of an accounting period to manipulate operating results), intentionally biasing
assumptions and judgments used to estimate account balances, and altering records and
terms related to significant and unusual transactions.
• Because revenue recognition is so susceptible to manipulation, the auditor will usually
determine that there is a risk of material misstatement due to management override of
internal controls. For example, revenues can be overstated (premature revenue
recognition or recording fictitious revenues) or understated (misapplication of cash
receipts).
Assessing the Identified Risks

As a preamble to discussing how to assess identified fraud risks, SAS No. 99 reviews some of
the requirements of SAS No. 55. These requirements are as follows:
• The auditor must understand each of the five components of internal control well enough
to plan the audit;
• The auditor should use his or her understanding of internal control to identify potential
misstatements, consider factors that affect the risk of material misstatement, design tests
of controls when applicable, and design substantive tests;
• Understand that manual and automated controls can be circumvented by collusion of two
or more people or inappropriate management override of internal control.
Organizations can implement controls to reduce or eliminate fraud on two levels: (i) specific
controls can be designed to reduce or eliminate specific fraud risks (for example, controls to
protect easily stolen assets such as cash or inventory); and (ii) general programs can be designed
to prevent, deter, and detect fraud. An example is fraud awareness training for all employees on
policies, procedures, and programs to promote a culture of honesty and ethical behavior.
Once an understanding has been obtained of the client’s general and specific controls, the auditor
must determine if they have been properly designed to prevent or detect the identified risks of
material misstatement due to fraud or whether specific control deficiencies may exacerbate the
risks. If the programs and controls are properly designed, auditors must verify that they are in
place and operational. Then the auditor should use the controls evaluation to assess fraud risks
and determine a response to those risks. These responses are discussed in the next section.
Responding to the Results of the Assessment

As previously explained, the nature and significance of fraud risks, as well as client programs
200
and controls to address those risks, influence the auditor's response to the fraud-risk assessment.
The auditor can respond to the fraud-risk assessment in four ways:
1. An overall response to identified risks (that is, general considerations, apart from planned
specific procedures, that have an overall effect on how the audit is conducted).
2. A response to identified risks that involves the nature, timing, and extent of procedures to
be performed.
3. A response to the risk that management could override controls. (Because management
can often override traditional controls, substantive tests should be conducted to evaluate
the risk of management overrides.)
4. If the auditor decides it is impracticable to design auditing procedures to sufficiently
address identified fraud risks, he or she should withdraw from the engagement and
communicate with the appropriate parties.
Overall Responses to Identified Risks

Fraud-risk judgments can have a number of overall effects on how an audit is conducted. SAS
No. 99 lists the following:
• Professional skepticism and audit evidence -- Professional skepticism is an attitude that
auditors must have regardless of whether or not fraud risks are identified. When fraud
risks are identified the auditor should heighten his or her skepticism and seek to increase
the quantity or quality of audit evidence, or both, in all areas of the audit. SAS No. 99
lists the following examples of how audit evidence would be affected when fraud risks
are identified.
o Design additional or different auditing procedures to obtain more reliable
evidence in support of specified financial-statement account balances, classes of
transactions, and related assertions; and
o Obtain additional corroboration of management’s explanations or representations
concerning material matters, such as through third-party confirmation; the use of a
specialist; analytical procedures; examination of documentation from independent
sources; or inquiries of others within or outside the entity.
• Assignment of personnel and supervision -- When fraud risks are identified, the auditor
may respond by assigning more experienced personnel, assigning staff with specialized
skills and knowledge, increasing the amount and quality of staff supervision, or some
combination of those three alternatives.
• Accounting principles -- Another overall audit impact when fraud risks are identified is
a closer examination of management’s selection and application of significant accounting
principles to determine if an inappropriate application of the principles results in a
material misstatement of the financial statements. Of particular importance are principles
related to subjective measurements and complex transactions, and whether the collective
201
application of principles indicates a bias that results in a material misstatement.

• Predictability of auditing procedures -- Auditors generally perform the exact same
tests every year. Armed with this knowledge, perpetrators can use concealment schemes
that are not detected by these audit tests. When risk factors are identified, the auditor
should consider adding an element of unpredictability to his or her selection of auditing
procedures. For example:
o Change the sampling methods used;
o Test immaterial or low-risk accounts the auditor does not normally test;
o Vary the timing of the tests they perform so they are more unpredictable; and
o Perform procedures on an unannounced basis or at different locations.
Responses to Identified Risks Involving the Nature, Timing, and Extent of Procedures to
Be Performed
The nature, timing, and extent of audit procedures performed (both substantive tests and tests of
controls) is impacted by the types or combinations of risks the auditor identifies. It is also
impacted by account balances and transaction classes and their related assertions. In most cases,
substantive tests are affected because audit risk cannot be reduced sufficiently through tests of
controls, as management may be able to override controls that seem to be operating effectively.
Auditing procedures can be changed in the ways described below to address specifically
identified fraud risks.
• The nature of auditing procedures. When fraud risks are identified, auditors should
consider obtaining more reliable evidence or additional corroborative evidence. The
nature of auditing procedures performed may be changed in one or more of the following
ways:
o Obtain more evidential matter from independent or third-party sources. For
example, the auditor might seek public-record information to verify the existence
and the nature of key customers, vendors, or counter parties in a major
transaction.
o Physically observe or inspect more assets than are normally observed and/or
observe assets not normally observed.
o Make use of more or not previously used computer-assisted audit techniques. This
facilitates the auditor gathering more extensive evidence about significant
accounts and data stored in electronic data files.
o Increase the number of people, especially those in management, that are
interviewed about fraud risks to identify issues and obtain corroborating evidence.
o Interview people in the areas where fraud risk is identified, seeking their insights
into both the identified risk and how controls address the risk.
o When independent CPA firms audit the statements of subsidiaries, divisions, or
202
branches, discuss with them how much evidence needs to be gathered to address
fraud risk.
• Vary the timing of substantive tests.
o Decide not to perform interim substantive tests because the risks of intentional
misstatement or manipulation make them ineffective.
o Perform substantive tests of transactions throughout the period being audited
because intentional misstatements, such as inappropriate revenue recognition,
may have taken place during the interim period.
o Perform procedures at locations on a surprise or unannounced basis. For example,
the auditor could observe inventory either on unexpected dates or at unexpected
locations, or both. The auditor could also count cash on a surprise basis.
• Change the extent to which procedures are applied. When fraud risks are identified,
more evidence may need to be gathered. This can be done in the following ways:
o Increase sample sizes.
o Perform substantive analytical procedures using disaggregated data. For example,
gross-profit or operating margins by location, by line of business, or by month
could be compared to auditor-developed expectations.
o Test electronic transactions and account files more extensively. Use computer-
assisted audit techniques to test entire populations or select transactions with
specific characteristics.
o Supplement written confirmations with oral inquiries of major customers and
suppliers. Alternatively, confirmations could be sent to a specific person at the
customer or supplier.
Example Responses to Specific Fraudulent-Financial-Statement Risks

SAS No. 99 provides the following examples of how the nature, timing, and extent of tests can
be modified in response to specific, identified fraudulent-financial-statement risks.
• Revenue recognition -- Because there are more revenue-recognition financial statement
frauds than almost any other type, revenue accounts are particularly susceptible to fraud.
In addition, since industries can be very different, revenue recognition among industries
can vary significantly. Accordingly, auditors need to develop auditing procedures based
on their understanding of the entity, its environment, and its industry that take into
account this additional fraud risk. If there is identified fraud risk involving improper
revenue recognition, the auditor also may want to consider the following procedures:
o Perform substantive revenue-related analytical procedures using disaggregated
data. For example, the auditor could compare monthly, product-line, or business-
segment revenue to a comparable prior period. Computer-assisted audit
techniques are especially useful in identifying unusual or unexpected revenue
203
relationships or transactions.
o Confirm contract terms and the absence of side agreements with customers. Some
of the most important revenue-recognition-related items to confirm are:
¾ Acceptance criteria;
¾ Delivery and payment terms;
¾ The absence of future or continuing vendor obligations;
¾ The right to return the product;
¾ Guaranteed resale amounts; and
¾ Cancellation or refund provisions.
o Inquire about end-of-period sales or shipments and any unusual terms or
conditions associated with them. The best people to ask are sales and marketing
personnel and in-house legal counsel.
o Another effective procedure involves being physically present at one or more
locations at period end, in order to:
¾ Observe goods being shipped;
¾ Observe goods being readied for shipment;
¾ Observe returns awaiting processing; and
¾ Perform sales and inventory cutoff procedures the auditor deems
appropriate.
o Test whether controls provide assurance that recorded revenue transactions
occurred and are properly recorded. This is especially important for revenue
transactions that are electronically initiated, processed, and recorded.
• Inventory quantities -- When identified fraud risks are related to inventory quantities,
the auditor should consider the following audit procedures:
o Examine inventory records to identify locations or items that, during or after the
physical inventory count, require specific attention.
o Observe inventory counts at certain locations on an unannounced basis.
o Observe inventory counts at all locations on the same date.
o Count inventory at the end of the reporting period, or on a date closer to period-
end. This will help minimize the risk that account balances are manipulated
between the date the count is completed and the date the reporting period ends.
o Use a specialist.
o Perform additional procedures during the observation of the count, such as:
¾ Examining the contents of boxed items more carefully;
¾ Examining the way goods are stacked (check for hollow squares, etc.) or
labeled;
¾ Verifying the purity, grade, and concentration of liquid substances; and
204
¾ Testing more count sheets, tags, or other records to minimize the risk that
they will be altered later or compiled improperly.
o Test the reasonableness of physical counts in other ways, such as:
¾ Comparing current-period quantities with those of prior periods. This is
best done by inventory class or category, location, or some other criteria.
¾ Agreeing count quantities to perpetual records.
¾ Sorting tags numerically to test tag controls or by item serial number to
determine if tags have been duplicated or omitted.
• Management estimates -- Many financial-reporting frauds are perpetrated by
intentionally misstating one or more of the estimates that are a part of financial
statements. Estimates are based on both objective and subjective factors, and the
subjective factors are susceptible to bias even when competent personnel use relevant and
accurate data to make their estimates. Some of the more important estimates involve: (i)
asset valuation; (ii) specific transactions, such as acquisitions, restructurings, and
disposing of a business segment; and (iii) significant accrued liabilities, such as pension
and other post-retirement benefit obligations and environmental remediation liabilities.
• Management has final responsibility for making most of the assumptions or judgments
that are used to make these estimates. They are also responsible, on an ongoing basis, for
monitoring the reasonableness of the accounting estimates.
• In addressing fraud risk involving management estimates, the auditor should consider
supplementing management’s estimates with additional audit evidence, using it to
develop an independent estimate, comparing it to management’s estimate, and
determining if any differences indicate a possible bias on the part of management. If so,
the auditor should reconsider the estimates taken as a whole.
• Another way to test for possible management biases is to review management judgments
and assumptions from prior periods. If they were not accurate or realistic, it may indicate
that current-year estimates may be biased. The best choices for retrospective reviews are
estimates significantly affected by management judgments or based on highly sensitive
assumptions. It is important to realize that these reviews are not intended to call into
question the auditor’s prior-year professional judgments that were based on the
information available at the time. When auditors identify a possible prior-year bias in an
accounting estimate they should determine if it represents a fraud risk. If so, the auditor
should reconsider the estimates, taken as a whole.
Example Responses to Fraud Risks Related to Misappropriation of Assets

The auditor may identify fraud risks related to misappropriation of assets, such as large amounts
of easily accessible cash or inventory that can easily be stolen and sold. In such cases, audit
response is usually directed toward the specific information that was identified and the account
205
balance in question. Appropriate responses include the following:

• Analyze any controls designed to prevent or detect the misappropriation and test their
operating effectiveness;
• Physically inspect the assets at or near the end of the reporting period; and
• Perform substantive analytical procedures, such as comparing expected dollar amounts to
recorded amounts.
Responses to the Risk of Management Override of Controls

Management fraud is particularly difficult to detect for a number of reasons. Due to their position
on top of the organization’s hierarchy, managers are in a unique position to both commit and
conceal fraud. They are able to directly or indirectly manipulate accounting records and present
fraudulent financial information. They are also in a position to direct employees to perpetrate the
fraud or to ask for their help in perpetrating the fraud.
Management is often able to override controls that, when not overridden, operate effectively and
mitigate fraud risks. Also segment or division managers are often in a position to fudge their
accounting records in a way that materially misstates the organization’s consolidated financial
statements.
Unless the auditor concludes that they should not be performed, the procedures to address the
risk of management override of controls described below are appropriate for most audits. The
procedures should always be performed for financial-statement audits of public entities because
investors place pressures on management to achieve a given level of financial performance and
management can be tempted to fudge numbers to achieve financial-performance objectives.
These procedures should also be performed for nonpublic-entity financial statements audits.
They also face pressures from the board of directors, contributors, investors, creditors, or
vendors, or there is pressure to meet financial or other performance targets. Although infrequent,
SAS No. 99 provides three examples of when the auditor may decide that some or all of these
procedures are not necessary.
• The client is a nonpublic entity or a not-for-profit organization for which the auditor
concludes there is little incentive or pressure to achieve specified levels of financial
performance to satisfy either external or internal users of the financial statements or to
inappropriately minimize income-tax liabilities;
• An employee benefit plan performed to satisfy regulatory requirements and the auditor
concludes there is little incentive or pressure to inappropriately report the financial
condition or performance of the plan; or
• A subsidiary performed solely to satisfy statutory requirements that are unrelated to
financial condition or performance.
Should the auditor conclude that the procedures to test for management override of controls are
not necessary, he or she should document that conclusion. Documentation requirements are
discussed more fully later in this chapter.
206
SAS No. 99 recommends the following audit procedures to address the risk that management
overrides controls: (i) an examination of journal entries and other adjustments, especially at or
near period-end; (ii) a review of accounting estimates for bias, particularly a retrospective review
of significant management estimates; and (iii) an evaluation of significant, unusual transactions,
especially at or near period-end.
Examining Journal Entries and Other Adjustments

Fraudulent financial reporting is often perpetrated using inappropriate or unauthorized journal
entries. It is also perpetrated by adjusting financial-statement amounts that are not reflected in
formal journal entries. Examples include consolidating adjustments, report combinations, and
reclassifications. As a result, auditors should test both journal entries recorded in the general
ledger and adjustments made while preparing the financial statements, such as entries posted
directly to financial-statement drafts, for appropriateness and authorization.
Auditors are required to understand the client’s system of internal controls. They should also
obtain an understanding of whether the controls are suitably designed and have been placed in
operation. Auditors are also required to understand the automated and manual procedures their
clients use to prepare financial statements and related disclosures, including procedures used to:
(i) enter transaction totals into the general ledger; (ii) initiate, record, and process journal entries
in the general ledger; and (iii) record recurring and nonrecurring adjustments to the financial
statements.
Auditors should use this understanding to identify the client’s normal journal entries and
adjustments (nature or type, number, size, source, etc.) and the procedures and controls used
(who is authorized to make them, required approvals, how they are recorded, etc). This
knowledge will help the auditor spot inappropriate or unauthorized journal entries and
adjustments, which often have one or more of the following unique identifying characteristics:
• The entry or adjustment was made to unrelated, unusual, or seldom-used accounts or
business segments;
• It was recorded at the end of the reporting period, as post-closing entries, or before or
during the preparation of the financial statements;
• It often has little or no explanation or description;
• It often has no account number; and
• It contains round numbers or a consistent ending number.
In testing journal entries and adjustments, the auditor should use his or her professional judgment
to determine the nature, timing, and extent of the tests. In making those decisions, the auditor
should consider the following:
• Identified fraud risk factors can help the auditor select which journal entries to test and
determine the extent of testing necessary.
• If the auditor tests the controls over the preparation and posting of journal entries and
finds them effective, it may be possible to reduce the extent of substantive testing of
207
journal entries.
• Audit procedures will be different in a manual, paper-based system than in an automated
financial-reporting system. In paper-based system, the auditor will inspect the general
ledger to identify which journal entries to test and to examine support for the selected
items. In a computer-based system, as journal entries and adjustments often only exist in
electronic form, the auditor will normally use computer-assisted audit tools to identify the
items to test.
• Accounts or transactions that are complex or unusual in nature, contain significant
estimates, or are associated with an identified fraud risk deserve added attention, as they
are prone to fraud.
• When clients have several locations or components, the auditor should consider using the
factors set forth in SAS No. 47 to select journal entries from the various locations.
• The auditor should consider testing journal entries and adjustments throughout the
reporting period, as they can take place any time during the reporting period. However,
special attention should be paid to end-of-period journal entries and adjustments, as that
is when fraudulent entries are most likely to occur.
Evaluating the Business Rationale for Significant Unusual Transactions

While performing an audit, the auditor should keep his or her eyes open for significant
transactions that are either: (i) not part of the organization’s normal course of business; or (ii)
unusual based on the auditor’s understanding of the organization and its environment. When one
of these transactions is discovered, the auditor should determine the business rationale behind the
transaction and evaluate whether its purpose was to misstate the financial statements. Of
particular importance is whether the other party to the transaction: (i) is an unidentified related
party; or (ii) needs the financial strength of the client to support or complete the transaction.
Evaluating Audit-Test Results
Assessing Fraud Risk Throughout the Audit

Auditors are required to assess the risk of material fraudulent misstatements throughout the audit.
In doing so, they may identify conditions during fieldwork that either change or support their
judgment regarding the assessment of fraud risk. SAS No. 99 lists examples, which are provided
below.
• Accounting records discrepancies, such as:
o Transactions that are incomplete or not recorded or timely manner;
o Transactions that are not properly recorded as to company policy, amount,
accounting period, or classification;
o Balances or transactions that are unsupported or unauthorized;
o Last-minute adjustments, especially those that significantly affect financial
results; and
o Employees accessing the organization’s information systems or accounting
208
records in ways that are inconsistent with their authorized duties.

• Evidential matter that is conflicting or missing, such as:
o Documents that are missing;
o Substituting photocopied or electronically transmitted documents for originals;
o Items on reconciliations that are significant and unexplained;
o Responses from management or employees that are inconsistent, vague, or
implausible;
o Organization records that are significantly different from third-party responses,
such as confirmation replies;
o Inventory or physical assets of significant magnitude that are missing;
o Electronic evidence that is missing, unavailable, or is not maintained according to
the organization’s record-retention practices or policies; and
o No evidence that systems developed or updated during the year were tested prior
to and during implementation.
• Relationships between the auditor and client are problematic or unusual. For example:
o The client denies the auditor access to records, facilities, or people (employees,
customers, vendors, etc.). It is important to note that this denial may represent a
scope limitation that might require the auditor to qualify or disclaim an opinion on
the financial statements.
o Management imposes undue time pressures, especially for complex or contentious
issues.
o Inappropriate management actions such as intimidation of audit-team members or
complaints about how the audit is conducted. This is particularly serious when it
relates to the auditor’s critical assessment of audit evidence or to how potential
disagreements with management are resolved.
o Unusual delays in providing requested information.
o Tips or complaints about alleged fraud.
o The client is not willing to allow the auditor access to electronic files so they can
be tested using computer-assisted audit techniques.
o Access is denied to IT facilities and personnel (security, operations, development,
etc.).
Evaluating Whether Analytical Procedures Indicate a Previously Unrecognized Fraud Risk

Auditors need to perform and review analytical procedures at least twice. They need to do so
while planning the audit, in order to identify unusual or unexpected relationships that might
indicate fraud. Identified fraud risks should be investigated during the course of the audit.
Auditors also need to perform and review analytical procedures while reviewing audit results
near the completion of the audit to determine whether analytical procedures performed as
209
substantive tests indicate any previously unrecognized fraud risks. SAS No. 99 gives a special
emphasis to revenue-related analytical procedures, stating that they should be performed through
the end of the reporting period. Any previously unrecognized fraud risks should be investigated.
In analyzing the results of the analytical procedures, the auditor must exercise his or her
professional judgment to determine which particular trends and relationships might indicate
fraud risk. It is particularly important to carefully review year-end revenue and income. Two
examples of unusual relationships that might indicate fraud are uncharacteristically large
amounts of income from unusual transactions during the last few weeks of the reporting period
and income that is not consistent with prior trends in cash flow from operations.
When a fraud is perpetrated, normal relationships and trends are often thrown out of balance and
can be spotted by the auditor. A clever perpetrator will cover his or her tracks by manipulating
other data to make these relationships and trends appear normal. However, there are certain
types of information that management and employees have a hard time manipulating in order to
create seemingly normal or expected relationships. These unusual or unexpected analytical
relationships are especially useful to auditors as they seek to uncover fraud risks and evidence of
fraud. Some of the more useful relationships are presented in SAS No. 99:
• The relationship of net income to cash flows from operations may appear unusual
because management recorded fictitious revenues and receivables but was unable to
manipulate cash.
• A change in inventory, accounts payable, sales, or cost of sales from the prior period to
the current period may be inconsistent, indicating a possible employee theft of inventory,
because the employee was unable to manipulate all of these accounts.
• A comparison of the entity’s profitability to industry trends, which management cannot
manipulate, may indicate trends or differences for further consideration when identifying
risks of material misstatement due to fraud.
• A comparison of bad-debt write-offs to comparable industry data, which employees
cannot manipulate, may provide unexplained relationships that could indicate a possible
theft of cash receipts.
• An unexpected or unexplained relationship between sales volume as determined from the
accounting records and production statistics maintained by operations personnel -- which
may be more difficult for management to manipulate -- may indicate a possible
misstatement of sales.
When the auditor spots unusual relationships, one way to investigate them is to ask the client to
explain what might have caused them. In such cases, it is especially important to note the client’s
reactions to the questions. Responses that are vague, implausible, or are contrary with other
evidential matter gathered during the audit should be investigated very carefully, as the client
may be trying to cover up fraudulent activity. However, there is another good explanation for
the client’s behavior and that is that he or she might not know what caused the unusual
relationship and might be reluctant to admit it.
210
Evaluating Fraud Risk At or Near the Completion of the Audit

Before the audit can be completed, the audit team needs to make a qualitative evaluation, based
primarily on the auditor's judgment, of whether or not the evidence gathered from auditing
procedures, analytical relationships, and other tests and observations affect the fraud-risk
assessment made during planning. Based on this evaluation, the audit team must decide whether
or not they need to perform any additional audit procedures or perform different audit
procedures. During this evaluation, the person in charge of the audit must also determine that
there has been appropriate and sufficient communication with other audit-team members about
potential fraud risks.
Responding to Misstatements That May be the Result of Fraud

When auditors identify a financial statement misstatement, they need to determine whether or not
it indicates that fraud has occurred. They also need to determine if the amount of the
misstatement is material to the financial statements.
• When the amount is not material to the financial statements -- SAS No. 47 states
“misstatements of relatively small amounts that come to the auditor’s attention could
have a material effect on the financial statements.” So what should the auditor do if he or
she believes misstatements are or may be the result of fraud, but the amount, by itself, is
not material to the financial statements? According to SAS No. 99, the auditor “... should
evaluate the implications, especially those dealing with the organizational position of the
person(s) involved.” SAS No. 99 then gives the following two examples;
o Petty-cash-fund misappropriations normally have little effect on an auditor’s
assessment of fraud risk. Management typically does not have custody of the fund
or administer it, and the amount lost is limited due to the small size of the fund.
o Immaterial fraud involving management is more serious, as it might indicate a
lack of integrity on the part of management. As a result, the auditor should
determine how a lack of management or employee integrity will affect the audit.
In particular, the auditor should re-evaluate the fraud-risk assessment and its
resulting impact on the nature, timing, and extent of the tests of balances or
transactions as well as the assessment of how effective the controls are if control
risk was assessed below the maximum.
• When the amount is material to the financial statements -- When the misstatement is,
or may be, the result of fraud and is material to the financial statements (or materiality is
unknown), the auditor should do the following:
o Determine how this impacts other aspects of the audit.
o Talk to management that is at least one level above those involved, with senior
management, and the audit committee. If senior management is thought to be
involved, the auditor should go straight to the audit committee. These discussions
should lead to a determination as to how to investigate the fraud.
211
o Gather additional evidence to determine whether material fraud has actually

occurred or is likely to have occurred. If it has, the auditor should determine the
fraud’s effect on the financial statements and the audit report.
o Where appropriate, suggest that the client consult with legal counsel.
• The amount represents a significant risk of material misstatement -- When there is a
significant risk of material misstatement due to fraud, the auditor should consider
withdrawing from the audit and letting the audit committee (or those with equivalent
authority and responsibility) know why. Because each engagement is so different and can
have so many different variables, it is difficult to specify when withdrawal is appropriate.
However, two of the most important considerations are: (i) what implications the
auditor’s findings have on their evaluation of management integrity; and (ii) how diligent
and cooperative the client (management, audit committee, the board of directors, etc.) is
in investigating the circumstances and in taking appropriate action.
Before Withdrawing, the Auditor Should Consider Consulting with Legal Counsel.
Communicating with Management, the Audit Committee, and Others

When evidence that a fraud may exist is discovered, the auditor needs to bring it to the attention
of an appropriate level of management. Note that SAS No. 99 does not state that if risk factors
are found they must be brought to the attention of management. While the auditor may well
want to bring identified risk factors to the attention of management so that they can institute
controls to mitigate their effects, the auditor is not required to do so. The auditor is only required
to bring evidence that a fraud may exist to the attention of management.
Normally the auditor should take evidence about fraud to management at least one level above
where the fraud is suspected or took place. The auditor should communicate this information
even if the fraud is immaterial or inconsequential, such as an embezzlement by a lower-level
employee. To avoid disagreements or problems regarding lower-level employee
misappropriations, the auditor and the audit committee should reach an understanding, prior to
the engagement, about the expected nature and extent of communications if such fraud takes
place.
When fraud involves senior management and when it causes a material misstatement of the
financial statements it should be reported directly to the audit committee, who can take the
matter to the entire board of directors. If an audit committee does not exist, the fraud should be
reported to the senior executive in the firm. If there is a possibility that this senior executive is
involved in the fraud, the auditor should consider withdrawing from the engagement.
Sometimes the auditor will have to determine if the following items represent reportable
conditions that should be communicated to the audit committee and senior management: (i) risk
factors with continuing control implications (whether or not transactions or adjustments that
could be the result of fraud have been detected); and (ii) the absence of, or the poor quality of,
deficiencies in programs and controls to minimize or prevent specific fraud risks (or to otherwise
212
help prevent, deter, and detect fraud).
Conditions other than reportable conditions may also be reported if it is possible for management
to take actions to address them.
The fraud risks the auditor identifies during his or her risk assessment can, and probably should,
be communicated to the client. This can be communicated: (i) separately to the audit committee;
(ii) as part of an overall communication of business and financial-statement risks affecting the
organization; or (iii) as part of the auditor’s report on the quality of the entity’s accounting
principles
Ordinarily the auditor is not required to disclose possible fraud to anyone other than the client's
senior management and its audit committee. In fact, the auditor's ethical or legal obligations of
confidentiality do not allow him to disclose this information unless the matter is reflected in the
auditor's report. However, SAS No. 99 specifies that auditors do have a responsibility, in the
following circumstances, to disclose information to outsiders:
• To comply with certain legal and regulatory requirements, such as engagement
termination reports (reporting auditor changes on Form 8-K or when the fraud risk factors
constitute a reportable event or are the source of a disagreement) or reports relating to an
illegal act that has a material effect on the financial statements;
• To a successor auditor when they make an inquiry to comply with SAS No. 84,
Communications Between Predecessor and Successor Auditors;
• In response to a subpoena; and
• To a funding or other specified agency in accordance with requirements for the audits of
entities that receive financial assistance from the government.
Before discussing any of the items in this section with parties other than the client, the auditor
may wish to consult with legal counsel to avoid potential conflicts with the auditor's ethical and
legal obligations for confidentiality.
Documenting the Auditor's Consideration of Fraud

SAS No. 99 significantly extends the auditor’s documentation requirements with respect to
fraud. Auditors are now required to document in their working papers evidence of their
compliance with virtually all the major requirements of the SAS in order to help ensure that they
comply with its new requirements. SAS No. 99 lists the following items that auditors must
document:
• Discussions among engagement personnel while planning the audit, including:
o The susceptibility of the entity’s financial statements to material misstatement due
to fraud;
o How and when the discussion occurred;
o The audit-team members who participated; and
o The subject matter discussed;
213
• The procedures they performed to gather the information they needed to identify and
assess fraud risks;
• The fraud risk factors that were identified during planning and field work and the
auditor’s response to those risks;
• When the auditor concludes that additional procedures to address the risk of management
override of controls is not necessary, the support for that conclusion must be documented;
and
• The communications to management, the audit committee, and others regarding fraud.
Though not required, auditors may also want to consider documenting:

• How fraud risk factors were considered;
• Why the auditor believes that the identified risk factors might lead to fraud;
• The reasoning behind the auditor’s response to the risk factors;
• Any current control policies that might alleviate the effect of the risk factors;
• Any actions the client plans to take to alleviate the identified risks;
• All inquiries of management and other client personnel (who was asked, what was asked,
their response, etc.);
• The auditor's response to the risk factors identified, whether the response was individual
or in combination with other risk factors; and
• The auditor’s conclusion as to whether or not there is a heightened risk of fraud. When
there is a heightened risk, the auditor should document his or her basis for that
conclusion, including the specific risk factors found and their effect on the nature, timing,
and extent of audit procedures.
The auditor is allowed significant flexibility with respect to the form of documentation used to
meet documentation requirements. It might take the form of: (i) a comprehensive checklist that
lists risk factors by category; or (ii) a memo to document the risk factors identified and the
planned response.
Two other items of documentation that are important are the engagement letter and the
management letter. SAS No. 99 does not mention the engagement letter, but it is important for
the auditor to make sure that the responsibilities of both management and the auditors are spelled
out in the engagement letter. Doing so may help reduce the auditor’s legal liability.
Some audit firms currently send engagement letters with a sentence that goes something like.
“An audit is not designed and cannot be relied upon to detect irregularities such as defalcations
and embezzlements.” Unfortunately, this sentence has not accurately described the auditor’s
responsibility to detect fraud for some time. Now that SAS No. 99 has become effective, the
engagement letter should describe the auditor’s responsibility for fraud detection in terms that
are consistent with the new pronouncement. For example, the auditor could use terminology
214
such as the following in their engagement letters:
“The purpose of our audit is to express an opinion on the company’s financial statements
that provides reasonable assurance that those statements are free of material
misstatement, whether caused by error or fraud. However, an audit cannot provide
absolute assurance that all material misstatements are detected. Also, an audit is not
designed to detect error or fraud that is immaterial to the financial statements and cannot
be relied upon to do so.”
SAS No. 83, Establishing an Understanding with the Client, contains an example representation
letter. The letter suggests the following management representations, which can be used to
partially document the requirement in SAS No. 99 that the auditor inquire about management’s
knowledge of frauds:
• There has not been any fraud involving management or employees who have significant
roles in internal control; and
• There has not been any fraud involving others that could have a material effect on the
financial statements.
Prior to SAS No. 82, none of the communications with the client required the auditor to use the
word “fraud.” Fraud, in the eyes of many, is an emotionally laden word. Therefore, it is a good
idea for the auditor to verbally explain to top management that SAS No. 99 requires the use of
the word “fraud” in all GAAP audits (not just their audit), rather than the word “irregularities,”
which was previously used. This should help ensure that there is no misunderstanding or ill will
created when they receive the engagement letter or when the suggested statements regarding
fraud are requested in the management representation letter. It is certainly better to spend a little
time up-front to maintain good client relations than it is to try and mend fences when a problem
occurs.
It is the policy of some CPA firms to require their personnel to write a memo at the end of the
audit to document all client inquires and management responses concerning irregularities and
illegal acts. With the issuance of SAS No. 99, this policy should be updated to include the fraud-
related inquiries. If the CPA firm does not have such a policy, it is highly advisable that they
adopt one to comply with the new fraud-related documentation requirement. While SAS No. 99
does not actually require documentation regarding the client inquiries (as it does for the risk
factors that are identified), peer reviewers will probably expect documentation that the inquiries
were made and that consideration was given to management’s responses.
215
rationales.
1. Which of the following Statements on Auditing Standards states that determining the
nature, timing, and extent of the audit procedures is directly related to the auditor’s
consideration of audit risk?
A. SAS 1.
B. SAS 47.
C. SAS 82.
D. SAS 99.
2. Although auditors have a responsibility to detect material fraud,:
A. Management has the responsibility of designing and implementing controls and

programs to prevent and detect fraud.
B. The board of directors has the responsibility of designing and implementing
controls and programs to prevent and detect fraud.
C. The auditors also have the responsibility of designing and implementing controls
and programs to prevent and detect fraud.
D. The audit committee has the responsibility of designing and implementing
controls and programs to prevent and detect fraud.
3. According to SAS 99, while making inquiries of management and others within the entity
about fraud, which of the following groups should the auditor ask about how they oversee
the organization’s fraud-risk assessment?
A. Management.
B. Audit committee.
C. Internal audit personnel.
D. Others in the organization.
4. True or false: SAS 99 indicates that it is especially important to perform revenue-related

analytical procedures.
A. True.
B. False.
5. In responding to the results of the fraud risk assessment, obtaining more evidential matter
from independent or third-party sources is considered:
216
A. An overall response to identified risks.

B. A response to identified risks involving the nature, timing, and extent of
procedures to be performed.
C. A response to the risk that management could override controls.
D. A response to the risk of significant unusual transactions.
6. According to the SAS 99 list of examples for conditions identified during fieldwork that
either change or support their judgment regarding the assessment of fraud risk, balances
or transactions that are unsupported or unauthorized are considered:
A. Accounting records discrepancies.

B. Evidential matter that is conflicting or missing.
C. Relationships between the auditor and client that are problematic or unusual.
D. Significant unusual transactions.
either change or support their judgment regarding the assessment of fraud risk, items on
reconciliations that are significant and unexplained are considered:

8. Which of the following conditions would be evidenced by management that imposes

undue time pressures, especially for complex or contentious issues?

9. When the amount is material to the financial statements, in responding to misstatements

that may be the result of fraud, the auditor must:
A. Determine how this impacts other aspects of the audit.

B. Contact local law enforcement.
C. Withdraw from the engagement.
D. Evaluate the implications, especially those dealing with the organizational
position of the person(s) involved.
217
1. Which of the following Statements on Auditing Standards states that determining the
nature, timing, and extent of the audit procedures is directly related to the auditor’s
consideration of audit risk?
A. SAS 1. This answer is incorrect because SAS 1 Codification of Auditing

Standards and Procedures does not state that determining the nature, timing, and
extent of the audit procedures is directly related to the auditor’s consideration of
audit risk.
B. SAS 47. This answer is correct because SAS 47 Audit Risk and Materiality in
Conducting an Audit does state that determining the nature, timing, and
extent of the audit procedures is directly related to the auditor’s
consideration of audit risk.
C. SAS 82. This answer is incorrect because SAS 82 Consideration of fraud in
Financial Statement Audit was issued to provide guidance to auditors on how to
better consider material fraud while conducting a financial-statement audit but it
does not state that determining the nature, timing, and extent of the audit
procedures is directly related to the auditor’s consideration of audit risk.
D. SAS 99. This answer is incorrect because SAS 99 Consideration of fraud in
Financial Statement Audit was issued to improve audit performance and increase
the likelihood that auditors will detect material fraudulent financial statements,
but it does not state that determining the nature, timing, and extent of the audit
procedures is directly related to the auditor’s consideration of audit risk.
2. Although auditors have a responsibility to detect material fraud,:
A. Management has the responsibility of designing and implementing controls

and programs to prevent and detect fraud. This answer is correct because
management has the responsibility of designing and implementing controls
B. The board of directors has the responsibility of designing and implementing
controls and programs to prevent and detect fraud. This answer is incorrect
because the board of directors does not have the responsibility of designing and
implementing controls and programs to prevent and detect fraud.
C. The auditors also have the responsibility of designing and implementing controls
and programs to prevent and detect fraud. This answer is incorrect because the
auditors do not have the responsibility of designing and implementing controls
D. The audit committee has the responsibility of designing and implementing
controls and programs to prevent and detect fraud. This answer is incorrect
because the audit committee does not have the responsibility of designing and
implementing controls and programs to prevent and detect fraud.
218
3. According to SAS 99, while making inquiries of management and others within the entity
about fraud, which of the following groups should the auditor ask about how they oversee
the organization’s fraud-risk assessment?
A. Management. This answer is incorrect because management is not tasked with

the oversight of the organization’s fraud-risk assessment while making inquiries
of management and others within the entity about fraud.
B. Audit committee. This answer is correct because, according to SAS 99,
auditors should ask the audit committee about how they oversee the
organization’s fraud-risk assessment while making inquiries of management
and others within the entity about fraud.
C. Internal audit personnel. This answer is incorrect because internal audit personnel
are not tasked with the oversight of the organization’s fraud-risk assessment while
making inquiries of management and others within the entity about fraud.
D. Others in the organization. This answer is incorrect because “others” in the
organization are not tasked with the oversight of the organization’s fraud-risk
assessment while making inquiries of management and others within the entity
about fraud.
4. True or false: SAS 99 indicates that it is especially important to perform revenue-related

analytical procedures.
A. True. This answer is correct because SAS 99 does indicate that it is

especially important to perform revenue-related analytical procedures.
B. False. This answer is incorrect because SAS 99 does indicate that it is especially
important to perform revenue-related analytical procedures. For example, monthly
revenue for the current reporting period could be compared to revenue received in
a comparable period.
5. In responding to the results of the fraud risk assessment, obtaining more evidential matter
from independent or third-party sources is considered:
A. An overall response to identified risks. This answer is incorrect because

professional skepticism and audit evidence is an overall response to identified
risks.
B. A response to identified risks involving the nature, timing, and extent of
procedures to be performed. This answer is correct because obtaining more
evidential matter from independent or third-party sources is considered a
response to identified risks involving the nature, timing, and extent of
procedures to be performed.
C. A response to the risk that management could override controls. This answer is
incorrect because examining journal entries and other adjustments is a response to
the risk that management could override controls.
219
D. A response to the risk of significant unusual transactions. This answer is incorrect

because determining the business rationale behind the transaction is a response to
the risk of significant unusual transactions.
either change or support their judgment regarding the assessment of fraud risk, balances
or transactions that are unsupported or unauthorized are considered:
A. Accounting records discrepancies. This answer is correct because, according

to SAS 99, balances or transactions that are unsupported or unauthorized
are considered accounting records discrepancies.
B. Evidential matter that is conflicting or missing. This answer is incorrect because,
according to SAS 99, balances or transactions that are unsupported or
unauthorized are considered accounting records discrepancies, not evidential
matter that is conflicting or missing.
C. Relationships between the auditor and client that are problematic or unusual. This
answer is incorrect because, according to SAS 99, balances or transactions that
are unsupported or unauthorized are considered accounting records discrepancies,
not relationships between the auditor and client are problematic or unusual.
D. Significant unusual transactions. This answer is incorrect because, according to
SAS 99, balances or transactions that are unsupported or unauthorized are
considered accounting records discrepancies, not significant unusual transactions.
either change or support their judgment regarding the assessment of fraud risk, items on
reconciliations that are significant and unexplained are considered:
A. Accounting records discrepancies. This answer is incorrect because, according to

the SAS 99 list of examples, items on reconciliations that are significant and
unexplained are considered evidential matter that is conflicting or missing, not
accounting records discrepancies.
B. Evidential matter that is conflicting or missing. This answer is correct
because, according to the SAS 99 list of examples, items on reconciliations
that are significant and unexplained are considered evidential matter that is
conflicting or missing.
C. Relationships between the auditor and client that are problematic or unusual. This
answer is incorrect because, according to the SAS 99 list of examples, items on
reconciliations that are significant and unexplained are considered evidential
matter that is conflicting or missing, not relationships between the auditor and
client are problematic and unusual.
the SAS 99 list of examples, items on reconciliations that are significant and
unexplained are considered evidential matter that is conflicting or missing, not
significant unusual transactions.
220
8. Which of the following conditions would be evidenced by management that imposes

undue time pressures, especially for complex or contentious issues?
A. Accounting records discrepancies. This answer is incorrect because, according to

the SAS 99 list of examples, management that imposes undue time pressures,
especially for complex or contentious issues is considered a relationship between
the auditor and client that is problematic or unusual, not accounting record
discrepancies.
B. Evidential matter that is conflicting or missing. This answer is incorrect because,
according to the SAS 99 list of examples, management that imposes undue time
pressures, especially for complex or contentious issues is considered a
relationship between the auditor and client that is problematic or unusual, not
evidential matter that is conflicting or missing.
C. Relationships between the auditor and client that are problematic or
unusual. This answer is correct because, according the SAS 99 list of
examples, management that imposes undue time pressures, especially for
complex or contentious issues is considered a relationship between the
auditor and client that is problematic or unusual.
the SAS 99 list of examples, management that imposes undue time pressures,
especially for complex or contentious issues is considered a relationship between
the auditor and client that is problematic or unusual, not significant unusual
transactions.
9. When the amount is material to the financial statements, in responding to misstatements

that may be the result of fraud, the auditor must:
A. Determine how this impacts other aspects of the audit. This answer is
correct because SAS 99 does require an auditor to respond to material
misstatements that may be the result of fraud by determining how it impacts
other aspects of the audit.
B. Contact local law enforcement. This answer is incorrect because SAS 99 does not
require an auditor to respond to material misstatements that may be the result of
fraud by contacting local law enforcement.
C. Withdraw from the engagement. This answer is incorrect because SAS 99 does
not require an auditor to respond to material misstatements that may be the result
of fraud by withdrawing from the engagement.
D. Evaluate the implications, especially those dealing with the organizational
position of the person(s) involved. This answer is incorrect because SAS 99 does
not require an auditor to respond to material misstatements that may be the result
of fraud by evaluating the implications dealing with the organizational position of
the person(s) involved.
221
Glossary
Glossary
This is a glossary of key terms with definitions. Please review any terms you are not familiar
with.
Accounting symptoms: A type of fraud symptom that exists when some element of the
documents, journal entries, or ledgers was altered, forged, manipulated, or destroyed to hide the
fraud when a fraud is committed.
Analytical procedures: Evaluations of plausible relationships among financial and nonfinancial

data. The auditor uses historical records, projections, and trends to develop expectations about
the company and its data. These expectations are then compared to the company's recorded
amounts.
Analytical symptoms: A type of fraud symptom that exists when analytical procedures produce
results that deviate significantly from the auditor’s expectations.
Asset method: One of the two types of net worth calculations used to reveal discrepancies
between reported income and expenditures. The asset method uncovers inconsistencies in
revenue and expenses when the perpetrator uses illicit income to purchase assets.
Behavior symptoms: A type of fraud symptom. Behavioral psychologists and experienced

fraud investigators say that most fraud perpetrators, especially if they are first-time offenders,
alter their behavior in recognizable ways.
Computer security officers: A type of specialist who is responsible for fraud deterrence and
detection and has a significant deterrent effect on computer frauds. The security officer can
monitor the system and disseminate information about improper system uses and their
consequences.
Customer fraud: A type of external fraud in which an outsider is able to get something of value
without having to pay for it.
Document evidence: One of the most important types of evidence a fraud investigator gathers
is document evidence since it is the largest and the most frequently gathered type of evidence.
Documents provide a paper trail that shows an investigator what happened during each step as
the document was processed.
Document symptoms: A type of accounting symptom. Document symptoms exist when

documents are altered, forged, destroyed, missing, duplicated, used and/or out of order, voided,
or contain unusual or abnormal items.
Environmental symptoms: A type of fraud symptom that exists when a company has
confusion about honesty and ethics, past occurrences of fraud, domineering or overbearing
management, or the company frequently operates in rush mode. Studies have found that the
222
Glossary
honesty of some employees is significantly affected by the cultural standards of management and
their co-workers.
Evidence collection: Step two of the four-step investigation strategy, the objective of this step is
to determine if, in fact, a fraud did occur.
Evidence evaluation: Step three of the four-step investigation strategy, the objective of this step
is to determine whether it is sufficient to effectively evaluate and report the fraud.
Expected fraud loss: The mathematical product of fraud risk and fraud exposure.
Expenditure method: One of the two types of net worth calculations used to reveal
discrepancies between reported income and expenditures. The expenditure method is used when
the illicit income is spent on expensive living, travel, and entertainment, rather than to buy assets
such as cars and boats.
External fraud: A type of fraud in which an outsider steals company assets by committing
either a customer fraud or a vendor fraud.
Forensic accountant: A type of specialist who focuses on fraud prevention, detection,

investigation, and audit. Many have degrees in accounting and have received specialized
training with the FBI, IRS, or other law-enforcement agencies.
Fraud: An intentional act of deceit for the purpose of gaining an unfair advantage that results in
an injury to the rights or interests of another person.
Fraud detection: The procedures or actions undertaken to ascertain that a fraud has, in fact,
been committed.
Fraud exposure: The dollar amount that could be lost if a particular risk factor led to a fraud.
Fraud investigation: The purpose of a fraud investigation is to determine if, in fact, a fraud
occurred and, if it did, the extent of the fraud. To make this determination, there are a number of
different types of evidence that can be gathered and analyzed.
Fraud risk: The likelihood or probability that a fraud will actually take place.
Fraud symptoms: The signs or manifestations, such as missing assets; fraudulent documents;
and forged checks; that a fraud has taken place.
Fraudulent financial reporting: An intentional misstatement or omission of amounts or

disclosures in financial statements to deceive financial statement users.
Fraudulent reporting of company results: One of the four areas of fraud vulnerability,
company results are manipulated to look better than they actually are by inflating assets or net
income.
223
Glossary
Horizontal analysis: A means of analyzing individual financial statement account balances by

comparing the percentage changes and the total dollar changes between the years.
Internal control symptoms: A type of fraud symptom. Internal control symptoms exist when
there is one or more of the following; inadequate internal control, non-enforcement of internal
control, or inadequate monitoring of significant controls.
Investment fraud: A type of fraud in which a perpetrator sells an investor a worthless or

overpriced investment or promises an unusually high rate of return that cannot be honestly
earned.
Invigilation: The process of observing and controlling company activities so closely for a
period of time that fraud is virtually impossible.
Kiting: A common scheme used to hide a theft in which the perpetrator creates cash by taking
advantage of the timing lag between depositing a check and the check clearing the bank.
Lapping: A common scheme used to hide a theft in which the perpetrator steals the cash or
check that Customer A mails in to pay its accounts receivable. Funds received at a later date
from Customer B are used to pay off customer A’s balance.
Lifestyle symptoms: A type of fraud symptom that exists when perpetrators show off their
trappings of success and do not hide their newfound wealth. Any evidence of company
employees living beyond their means should be thoroughly investigated.
Misappropriation of assets: A theft of an entity’s assets. Misappropriation can be

accomplished in various ways, including embezzling receipts, stealing assets, or causing an
entity to pay for goods or services not received. Misappropriation of assets may be accompanied
by false or misleading records or documents and may involve one or more individuals among
management, employees, or third parties.
Misappropriation of company assets: One of the four areas of fraud vulnerability, it includes
company cash, inventory, supplies, equipment, machinery, and fixed assets are susceptible to
fraud.
Opportunity: One of the three conditions of the fraud triangle, it refers to the condition or
situation that allows a person or organization to do three things; commit the fraud, conceal the
fraud, and convert the theft or misrepresentation to personal gain.
Organizational structure symptoms: A type of fraud symptom, organizational structure

symptoms exist when an element of the organization does not have a well-defined or logical
business purpose which should be looked at more closely to determine if the company is trying
to hide something.
224
Glossary
Outsider/related party symptoms: A type of fraud symptom, outsider/Related Party symptoms

exist in examples such as frequent changes of auditors or lawyers or strained relationships
between management and its current or predecessor auditors. Accountants who audit firms with
frequent legal and auditor changes should be especially careful to investigate the reasons for the
changes and to discuss with management and predecessor auditors and lawyers, as appropriate,
the reasons for the changes.
People evidence: People in and out of a defrauded company are sources of evidence for fraud
investigators. Hotlines, informants, interviews, and interrogation can be used to gather the
information from the people with whom the perpetrator interacts.
Personal observance evidence: Evidence gathered by surveillance, undercover operations, and

invigilation.
Pressure: One of the three conditions of the fraud triangle, it refers to the non-sharable
problems individuals have that motivate them to act dishonestly.
Problem recognition and definition: Step one of the four-step investigation strategy, the
objective of this step is to determine if there is sufficient cause, or predication, to investigate the
fraud symptoms.
Purchasing, disbursement of cash, and shipment of goods: One of the four areas of fraud
vulnerability, company disbursements could be stolen or diverted to pay personal bills, fictitious
bills could be paid, kickbacks or bid-rigging could result in inflated billings, and payments could
be made for hours not worked or for employees who do not exist.
Rationalization: One of the three conditions of the fraud triangle, it allows perpetrators to
justify their illegal behavior.
Receipt of goods or cash: One of the four areas of fraud vulnerability, cash receipts could be
stolen or misapplied or goods intended for the company could be stolen or diverted to
unauthorized uses.
Report findings: Step four of the four-step investigation strategy, the objective of this step is to
write up the results in a fraud report, which is often the only evidence available to support the
fraud investigation.
Surveillance: The secret and continuous observation of persons, places, and things to obtain
information about the identity and activity of individuals suspected of fraud.
Vendor fraud: An outsider gets a company or individual to fraudulently pay for goods or
services.
Vertical analysis (balance sheet): A means of analyzing individual financial statement account
balances by assigning total assets and as well as total liabilities and equity a value of 100 percent
and then showing all other balance sheet items as a percentage of these two totals.
225
Glossary
Vertical analysis (income statement): A means of analyzing individual financial statement

account balances by assigning net sales a value of 100 percent and then showing all other income
statement items as a percentage of sales.
226
Index
Index
Evidence Collection182, 186, 187, 223, 238,
A
239
Accounting Symptoms.................... 222, 237 Evidence Evaluation ...... 182, 186, 187, 223,
Adelphia.......... 172, 173, 174, 176, 177, 178 238, 239
Adverse Opinions...................................... 99 Expected Fraud Loss................... 39, 44, 223
Analytical Procedures ............................. 222 Expenditure Method................................ 223
Analytical Symptoms...................... 222, 236 External Fraud....... 5, 8, 17, 19, 20, 223, 230
Arthur Andersen.............................. 160, 169
Asset Method .......................................... 222 F
Association of Certified Fraud Examiners Financial Pressure ..................................... 42
(ACFE) ........................ 1, 5, 16, 18, 58, 96 Forensic Accountant ......................... 96, 223
audit committee...... 193, 194, 196, 197, 211, forensic accountants............................ 95, 96
212, 213 Forensic Accountants................................ 96
Fraud .... 1, 2, 4, 5, 6, 7, 8, 10, 16, 18, 21, 23,
B
24, 25, 26, 31, 32, 34, 35, 39, 43, 44, 45,
Behavior Symptoms........................ 222, 237 49, 53, 58, 59, 62, 71, 75, 94, 96, 121,
bust-out ....................................................... 9 130, 131, 133, 134, 137, 143, 149, 152,
C 163, 171, 176, 178, 193, 194, 195, 196,
198, 201, 205, 208, 209, 211, 213, 215,
collusion.............. 5, 7, 23, 34, 116, 193, 200 223, 229, 232, 237, 243, 245, 246
Collusion ..................................................... 6 Fraud Detection................................. 94, 223
Company Vulnerabilities .......................... 94 Fraud Exposure ............. 34, 39, 43, 223, 232
Computer Security Officers .................... 222 Fraud Investigation ......................... 131, 223
Computer-Security Officers ...................... 95 Fraud Perpetrator .............................. 2, 4, 21
concealment ................................................ 3 Fraud Risk............... 34, 39, 43, 44, 223, 232
conversion ................................................... 3 fraud symptoms..... 94, 96, 97, 106, 108, 117
Customer Fraud............................... 222, 230 Fraud Symptoms ....................... 94, 223, 237
D fraud triangle ...................................... 26, 31
Fraud Triangle........................................... 26
Discovery Sampling................................ 139 fraudulent financial reporting .. 5, 7, 95, 196,
Document Evidence ........................ 136, 222 198, 199, 207
Document Symptoms.............................. 222 Fraudulent Financial Reporting ..... 7, 8, 207,
E 223, 230
Fraudulent Reporting of Company Results
Employee Fraud .............. 17, 19, 20, 56, 230
..................................... 122, 125, 223, 236
engagement letter ............................ 214, 215
Enron...... 160, 161, 162, 163, 166, 169, 170, H
176, 178 Handwriting Analysis ............................. 138
Environmental Symptoms....................... 222 Horizontal Analysis ........................ 101, 224
evidence 3, 6, 16, 19, 24, 58, 59, 94, 98, 108,
119, 131, 134, 135, 136, 137, 138, 139, I
140, 145, 147, 150, 151, 152, 154, 156, internal control ........ 195, 196, 200, 207, 215
178, 183, 193, 195, 196, 198, 201, 202, Internal Control Symptoms..................... 224
203, 205, 209, 210, 212, 213, 224 internal controls .......................... 3, 5, 7, 118
Interrogation............................................ 150
227
Index
Interviews........................................ 148, 150 Public Company Accounting Oversight

Investment Fraud ...... 5, 17, 19, 20, 224, 231 Board (PCAO Board) .......................... 157
Invigilation..... 153, 154, 184, 185, 191, 224, Public Company Accounting Oversight
241 Board (PCAOB) .......... 157, 185, 191, 241
Public Databases ............................. 141, 239
K
Purchasing, Disbursement of Cash, and
Kiting ............................ 39, 42, 84, 224, 232 Shipment of Goods ...... 122, 125, 225, 236
L R
Lapping ......................... 39, 42, 84, 224, 232 Ratio and Trend Analysis Symptoms ..... 106
Lifestyle Pressure...................................... 53 Rationalization .. 30, 150, 184, 190, 225, 240
Lifestyle Symptoms ................................ 224 Receipt of Goods or Cash 122, 125, 225, 236
M red flags................................... 11, 50, 58, 94
related-party transactions ..... 76, 80, 87, 115,
Management Financial Pressure ............. 233 117
Management Fraud ... 5, 17, 19, 20, 206, 230 Report Findings182, 186, 187, 225, 238, 239
Manipulation ............................................... 7 representation letter................................. 215
mark-to-market accounting..................... 161
misappropriation of assets5, 6, 198, 199, 205 S
Misappropriation of Assets ............. 6, 8, 224 Sarbanes-Oxley Act of 2002.................... 157
Misappropriation of Company Assets ... 122, SAS No. 82 ..................... 193, 195, 198, 215
125, 224, 236 SAS No. 99 .. 5, 6, 7, 45, 193, 195, 196, 198,
N 199, 201, 203, 206, 208, 210, 211, 212,
213, 214
National Commission on Fraudulent Searches .......... 153, 184, 185, 190, 191, 241
Financial Reporting (Treadway Securities & Exchange Commission (SEC)
Commission)............................................ 7 ...... 85, 100, 110, 113, 157, 158, 159, 164,
net worth ......................................... 144, 146 168, 169, 170, 171, 175, 176, 185, 191
Net Worth Analysis................................. 144 situational pressures ............................ 27, 32
O State Government.................................... 142
substantive test 200, 201, 202, 203, 207, 210
Opportunity ................. 38, 42, 224, 231, 232 Surveillance..... 152, 184, 190, 191, 225, 241
Organizational Structure Symptoms ....... 224
Outsider/Related Party Symptoms.......... 225 T
P The National Commission on Fraudulent
Financial Reporting (Treadway
Paper Analysis ........................................ 139 Commission)............................................ 7
People Evidence.............. 137, 183, 187, 225 Tip and Complaint Symptoms ................ 113
Personal Observance Evidence ............... 225 Treadway Commission ............................... 7
Physical Evidence .. 137, 154, 183, 185, 187, Typewriter and Printer Analysis ............. 139
191
Ponzi schemes........................................... 10 U
Pressure ......................... 27, 28, 54, 161, 225 Undercover Operations .. 184, 185, 190, 191,
Problem Recognition and Definition ..... 182, 241
186, 187, 225, 238, 239
professional skepticism... 193, 194, 195, 201 V
Vendor Fraud .......................... 225, 230, 231
228
Index
Vertical Analysis (Balance Sheet) .......... 225 Whistle-Blower ................................. 24, 163
Vertical Analysis (Income Statement) .... 226 whistle-blowing....................................... 114
WorldCom............... 166, 167, 168, 169, 171
W
whistle-blower........................................... 24
229

2 PDF

Hochgeladen von

Dokumentinformationen

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

2 PDF

Hochgeladen von

Copyright:

Verfügbare Formate

Fraud Prevention, Detection & Audit

Course # 3043, 16 CPE Credits

Course CPE Information

© Copyright 2007 Marshall B. Romney

Course CPE Information

Chapter Learning Objectives and Content

Review Question Answers and Rationales

Western CPE Self-Study

Course CPE Information .............................................................................................................. i

Chapter 2 Review Questions ..................................................................................................... 38

Monitor Corporate Pressures.................................................................................................. 58

Risk Factor: Management’s Disregard for Guidelines, Controls, or Regulatory Authorities 78

Four Areas of Vulnerability....................................................................................................... 94

Chapter 6 – Fraud Investigation and Audit ........................................................................... 130

Directions: ............................................................................................................................ 154

Evaluating Fraud Risk At or Near the Completion of the Audit.......................................... 211

Chapter 1 – Introduction to Fraud

Consider the following estimates of fraud in the United States:

The following example illustrates the conversion process.

perpetrators must collude with each other.

The Nature and Elements of Fraud

The most frequent forms of employee/customer collusion include unauthorized loans or

The theft of cash can take many forms, including:

Example: An information-systems manager at a Florida newspaper went to work for a

Fraudulent Financial Reporting

Fraudulent financial reporting is usually committed by those high enough in an organization to

Example: An individual set up Discount Merchandise (appropriately named) in Chicago and

Corporate payroll checks are particularly vulnerable to these schemes.

Ponzi’s scheme required an ever-increasing amount of money to keep it from collapsing.

“Red flags” Indicating an Investment Scam

Charles Ponzi Case

Ponzi’s notes read as follows:

The Securities Exchange Company, for and in consideration of the sum of

The Securities Exchange Company,

Chapter 1 Review Questions

A. $11 billion a year.

3. To commit most frauds, a perpetrator must take which three steps?

6. Granting loans to fictitious borrowers is an example of:

8. A bust-out, a premeditated bankruptcy or insolvency, is an example of:

Chapter 1 Review Question Answers and Rationales

A. True. This answer is correct because fraud is defined as an intentional act of

3. To commit most frauds, a perpetrator must take which three steps?

6. Granting loans to fictitious borrowers is an example of:

A. Employee fraud. This answer is correct because granting loans to a fictitious

A. Employee fraud. This answer is incorrect because employee fraud is related to

8. A bust-out, a premeditated bankruptcy or insolvency, is an example of:

A. Employee fraud. This answer is incorrect because employee fraud is related to

Chapter 2 – Who Commits Fraud and Why

Profile of the Fraud Perpetrator

• Fifteen percent were employed between three and five years.

Social Forces Contributing to Fraud

We will discuss five of them:

Ostracism of the Whistle-Blower

Failure to Report Fraud

Failure of Businesses to Prosecute Fraud Perpetrators

Failure of Law-Enforcement Officials to Prosecute Fraud Perpetrators

o As a result, it is harder to successfully prosecute fraud cases and to get convictions

Light Sentences for Perpetrators

The Fraud Triangle

One type of pressure motivating misappropriation of assets, or employee fraud, is financial in

A second type of employee pressure is related to emotional feelings or problems. Many

Χ I occupy a very important position of trust. I am above the rules.

Interaction of the Fraud-Triangle Elements